Get Started Today!  (415) 295-4898

croom new

415 IT Blog

Hack of Capital One Exposes Information on 100,000 Customers

Hack of Capital One Exposes Information on 100,000 Customers

Capital One is one of the largest credit card issuers in the world. On July 29th 2019, Capital One made an announcement, confirming it is the victim of one of the largest data breaches in financial sector history, as a former software engineer for Amazon has been indicted on charges related to the hacking.

Here’s what we know:

Capital One has admitted that the personally identifiable information (PII) of over 100 million American and Canadian credit applicants’ information has been exposed. The company did admit that no credit card account numbers or authentication credentials were compromised in the hack. They also go on to mention that in 99 percent of the files, social security numbers were not compromised. The largest category of information that was accessed were individual and small business credit applications that span from 2005 to 2019.

The perpetrator, Paige Thompson of Seattle, Washington, was a former software developer for Amazon Web Services (AWS), which took advantage of a firewall misconfiguration to gain access to the information, AWS confirmed Monday. The flaw came as a result of a setup error and not a flaw within the massively popular AWS.

The breach happened on March 22 to 23, 2019. Thompson was apprehended as a result of being reported to Capital One for storing incriminating evidence on her Github and Slack accounts. Capital One contacted the FBI on July 19, 2019 and after a short investigation, Thompson was arrested and indicted by the Western District of Washington.

The CEO of Capital One, Richard Fairbank released the following statement:

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

For a full report of the event, visit:

Capital One has said that it will inform you if you have been a victim of this massive attack, but if like many of us, too much is at stake to wait for the company to reach out to you, you can take some immediate steps to safeguard your personal information.

  • Check your accounts - Account monitoring and fraud detection should be a major part of any action you take to secure personal information.
  • Change passwords - One great way to at least feel more secure after a major hack like this is to immediately change your passwords.
  • Freeze your credit report - One option you can take to protect yourself is to freeze your credit report, this won’t let any credit reporting services check your credit, meaning if someone were to try to take money out in your name that the banks wouldn’t be able to authorize credit.
  • Avoid scams - A big part of keeping any data secure is to not give unauthorized parties access to it. That means avoiding phishing attacks and other scams.
  • Continued vigilance - Vigilance over your account information, your personally identifiable information, and your overall financial health is more important than ever. As mentioned above, credit monitoring and fraud detection services give users tools to combat unauthorized access.

Keeping yourself and your business secure online is more difficult than ever. To learn more about data security, subscribe to our blog.

Improve Your Business’ Communication with VoIP
Alert: Microsoft is Retiring Two Major Operating S...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, January 25 2020

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Business Computing Data Backup Data Network Security IT Support Privacy Hosted Solutions Cloud Data Recovery IT Services Software Malware Email Outsourced IT Internet Managed IT Services Tech Term Efficiency Innovation Business Windows 10 Computer Upgrade User Tips Hackers Cloud Computing Small Business Microsoft Collaboration Hardware Mobile Devices Business Management Phishing Ransomware Business Continuity Google Workplace Tips Cybersecurity Managed Service Backup VoIp Paperless Office Server Office 365 Smartphones Android Communication Managed IT Managed Service Provider Encryption Communications Remote Monitoring BDR Artificial Intelligence Business Technology Holiday Vulnerability Internet of Things Passwords Data Management Smartphone Miscellaneous Laptops Disaster Recovery Saving Money Help Desk Wi-Fi Facebook Document Management Quick Tips Government Save Money Windows 7 Healthcare Mobile Device Managed IT services Browser Applications Processor Avoiding Downtime Project Management Employer-Employee Relationship Information Antivirus Redundancy Scam Social Media Bandwidth Automation Tip of the week Microsoft Office Compliance Network Blockchain Infrastructure Vendor Management IT Management Software as a Service RMM Customer Relationship Management Data Loss Two-factor Authentication Chrome Router Maintenance Analytics VPN Machine Learning Website Access Control BYOD Virtualization Windows Data Security Apps Word Remote Workers Password IoT Net Neutrality Gadgets Regulations Patch Management Co-Managed IT Assessment Management File Sharing Hard Drive Tablet Dark Web Network Management Internet Exlporer Users File Management Alert Proactive Consultation Smart Technology Storage Monitoring Payment Cards HIPAA Utility Computing Bring Your Own Device Remote Monitoring and Management Financial Networking Operating System Professional Services Training Search Mobile Security OneDrive Unified Threat Management Employees Unified Communications Files Social Network Recycling Consulting Downtime Virtual Private Network Mobility Employee-Employer Relationship Gmail The Internet of Things Company Culture Server Management Risk Management Managed Services Provider Cooperation Mail Merge User Error Favorites Money Wasting Time Current Events Superfish Wireless Mouse Language Smart Devices Vulnerabilities Read Only Security Cameras Break Fix Holidays Asset Tracking Backup and Disaster Recovery CIO applications Remote Work Managing Stress Data Breach Websites Employer/Employee Relationships Apple Nanotechnology Wires Downloads MSP Finance Permissions Windows Server Chatbots Point of Sale Tech Terms Cyber Monday Staff Address WiFi Conferencing Microsoft Excel Database Mirgation Computing Infrastructure Hard Disk Drives Sensors Mobile Computing Printing Augmented Reality Notes Wearable Technology Star Wars IT Human Error Spam Enterprise Content Management SaaS Proactive Maintenance Solid State Drive App Optimization Authentication Google Calendar Fraud User Management Identity Theft Enterprise Resource Planning Techology E-Commerce Theft Geography Meetings Voice over Internet Protocol Projects Cache Electronic Medical Records Computing Alerts Solid State Drives Remote Worker Virtual Reality Touchscreen Hacking PowerPoint Display Business Telephone OneNote Permission Travel Value of Managed Services Social Networking Technology Laws Time Management Cybercrime Cyber security Screen Reader Emergency Multi-Factor Security Virtual Machines Authorization Teamwork Information Technology Identity Outlook Disaster Resistance Features Firewall Telephone Modem High-Speed Internet Printer Politics Return on Investment Remote Computing Comparison Licensing Heating/Cooling Options Unified Threat Management Office Private Cloud Data Warehousing Flexibility Trending Tech Support IT Assessment How To Test Technology Tips Managed Services G Suite Distributed Denial of Service Statistics Database Management Smart Tech Credit Cards WPA3 Legislation Shared resources Going Green Mobile Shortcut Proactive IT Electronic Health Records Procurement 5G Mobile VoIP Development Instant Messaging Settings Personal Information Specifications Servers Bookmarks ROI Operations Virtual Assistant Bitcoin IT Technicians Cost Management Lenovo Digital Payment Hotspot Manufacturing Vendor Motherboard Chromebook Social Managed IT Service Bluetooth GDPR Connectivity Samsung Computers Fleet Tracking Zero-Day Threat Recovery Batteries IT Consulting Cyberattacks Wireless Internet Big Data Cookies Cables SharePoint Windows Server 2008 Customer Service Transportation Active Directory Migration eWaste Mobile Device Management Black Friday Twitter Marketing Education Printers CEO Students Daniel Stevens Regulation Digitize

Latest Blog

All work and no play makes Jack a dull boy, as the saying goes, but is this really useful advice if you’re trying to keep Jack, Jill, and the rest of your team engaged in the workplace? As it happens, it is! Let’s explore how you can use gamification to your business’ benefi...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...