Capital One: Arrest after details of 106m people stolen​

2 minutes to read
Capital One: Arrest after details of 106m people stolen​

A hacker, by the name of Paige Thompson, was able to hack into Capital One’s database by exploiting a ‘configuration vulnerability’ in the company’s infrastructure. However, the hacker, a former Amazon employee, also boasted about her feat online on social media.

“I’ve basically strapped myself with a bomb vest, (expletive) dropping capitol ones dox and admitting it,” Thompson wrote, under the “erratic” alias, in a June 18 Twitter message. “There ssns…with full name and dob” — an apparent reference to Social Security numbers.

Capital One was made aware of the hack after a ‘white hacker’ sent an email to an address set up by the company. “Hello there,” the email said, according to federal prosecutors. “There appears to be some leaked s3 data of yours in someone’s github/gist.” A link was provided to an account at GitHub, a company that allows users to manage and store project revisions, mostly related to software development.

To Capital One’s credit, it did not take them long to identify the individual and assess the damage. On July 22nd, it announced that about 100 million people in the U.S. had been impacted by the breach, and another 6 million in Canada. The illegally accessed data, which was stored on servers rented from Amazon Web Services, was primarily related to credit card applications and included personal information, like names, addresses and dates of birth, and some financial information, including self-reported income and credit scores.

Capital One said that although about 140,000 social security numbers and 80,000 linked bank account numbers were compromised in the US, it was unlikely the information was used for fraud but it would continue to investigate the breach.

The company will notify those affected and will provide them with free credit monitoring and identity protection. The Chairman, Richard Fairbank, issued a personal apology in a statement saying: “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened.” He added, “I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right.”

Ms Thompson, meanwhile, faces a maximum sentence of five years in prison and a $250,000 fine.

Topics:

search other content

read similar news

share this news

Share on linkedin
Share on facebook
Share on twitter
Share on reddit
Share on email

ENJOYED this NEWS?

Consider making a small donation, so we can continue to create amazing content with our local partners. We suggest a minimum of $0.05 cents per news article, or signing up for a Membership.