Capital One Just Announced A Data Breach That Exposed Thousands of Social Security and Bank Account Numbers
As if this doesn’t happen enough, it’s happened again… Capital One Just Announced A Data Breach That Exposed Thousands of Social Security and Bank Account Numbers and the kicker- they knew about it a week ago.
Capital One released a press release about an hour ago with the details saying that on July 19, 2019, they
determined there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers
Press Release
Why are we finding out a week later about this? No idea, my guess would be because they had to get the authorities involved and find the person who did it, which they did.
The press release goes on to say:
Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement. The FBI has arrested the person responsible and that person is in custody. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
The bad news is, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada. Exposing personal information such as social security numbers and even bank account numbers.
And while they say that no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised, it’s still disheartening.
The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income. Beyond the credit card application data, the individual also obtained portions of credit card customer data, including:
Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information
Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018
No bank account numbers or Social Security numbers were compromised, other than:
About 140,000 Social Security numbers of our credit card customers
About 80,000 linked bank account numbers of our secured credit card customers
That is still a good chunk of person information out there for the world to see.
As of right now, you won’t be able to know whether or not you are affected by this data breach. However, Capital One intends to contact affected individuals and offer free credit monitoring and identity protection available to everyone affected.
If you are a Capital One customer, it’s worth keeping an eye on your credit report and bank accounts just in case!