6 million Canadians impacted by Capital One data breach

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

Image credit: Capital One Bank, Bastrop, LA IMG 2804″ by Billy Hathorn is licensed under CC BY-SA 3.0 (https://creativecommons.org/licenses/by-sa/3.0/deed.en)

McLean, USA (July 30, 2019) – Capital One declared that a hacker obtained the personal information of 6 million Canadians and in total of more than 100 million Capital One credit applicants from 2005 through early 2019.

An “external security researcher” reported the massive data breach of Capital One through their Responsible Disclosure Program on July 17, 2019. Two days later, the company determined there was unauthorized access by an outside individual. Investigations unveiled that the incident occurred on March 22 and 23, 2019.

The bank said, most of the hacked data was information on consumers and small businesses who applied for credit cards including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income. But also credit scores, balances, payment history, and transaction data was accessed and in some cases even Social Security numbers as well as bank account numbers.

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

The bank believes that it is unlikely that the information was used for fraud or disseminated by the hacker up until now. As a consequence, Capital One will offer free credit monitoring and identity protection to everyone affected.

Capital One immediately informed law enforcement. The FBI arrested Paige A. Thompson on July 29, 2019. Thompson – who calls herself “erratic” online – is a former Amazon.com Inc. employee. She discussed her crime online with others, Bloomberg reports. The 33-year-old is charged with computer fraud and abuse.