Thursday, October 10, 2024
HomeCyber Security NewsCapital One Hacked - Over 100 Million Credit Card Application Data Exposed

Capital One Hacked – Over 100 Million Credit Card Application Data Exposed

Published on

Capital one hacked, the hack exposed more than 100 million customers data across the US and Canada. The breach was learned by Capital One Financial Corporation on July 19, 2019.

Following are the personal information affected with the breach that includes names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, credit scores, credit limits, balances, payment history, contact information, and self-reported income.

The leaked data includes 140,000 Social Security numbers and 80,000 linked bank account numbers, according to the company statement “no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.”

- Advertisement - EHA

Unauthorized Access

Capital One reads the unauthorized access first on July 19, 2019, “unauthorized access by an outside individual who obtained certain types of personal information” of customers who applied for credit cards Capital One.

The affected data also includes fragments of transaction data “from a total of 23 days during 2016, 2017 and 2018”, the company expects this hack could cost “approximately $100 to $150 million in 2019″.”

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman, and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

The major part of the leaked information includes information on consumers and small businesses as who applied for credit cards between 2005 through early 2019.

Capital One Hacked – Tech Worker Arrested

As soon they aware of the intrusion they immediately fixed the vulnerability and started working with FBI, the FBI has arrested the tech worker associated with the breach.

According to court records, a woman Paige A. Thompson a/k/a erratic, 33, posted on GitHub about her theft of information form Capital One server, the intrusion occurs because of a misconfigured web application firewall that enabled data access. She is detained and pending for hearing on August 1, 2019.

“Capital One quickly alerted law enforcement to the data theft — allowing the FBI to trace the intrusion,” said U.S. Attorney Moran. “I commend our law enforcement partners who are doing all they can to determine the status of the data and secure it.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code

Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability...

Wireshark 4.4.1 Released, What’s new!

Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a...