How an ex-Amazon Web Services tech Exposed Personal Information's in Capital One Breach

  • By David Lukic
  • Feb 11, 2021

If you have read the news lately, you have heard about the capital one breach latest bank hack, which affected over 100 million Capital One customers.  The hacker, Paige Thompson (33), an ex-Amazon Web Services tech, was able to exploit a vulnerability in Capital One’s server firewall and steal millions of credit applications going back to 2005 up to 2019. The data stolen was personal information like names, addresses, income sources, dates of birth, phone numbers, email addresses, and social security numbers. Capital One states that no credit card numbers were stolen in capital one cyber incident. Additionally, Capital One reports that some additional types of information were stolen such as:

  • “Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information.
  • Fragments of transaction data from a total of 23 days during 2016, 2017, and 2018.
  • About 140,000 Social Security numbers of our credit card customers.
  • About 80,000 linked bank account numbers of our secured credit card customers.”

When Was the Capital One Breach?

The Capital One data breach occurred on March 22nd and 23rd of this year.  Capital One discovered the incident on July 19, 2019 and worked closely with the FBI to catch the criminal and recover the data. The FBI believes that none of the information was used for fraud or identity theft.

Capital One Data breach of 2019 How to Check If you were Breached

The first thing to consider is, are you affected by the Capital One data breach of 2019 and what to do about it.
Capital One has identified the affected parties and alerted them via mail if their bank account numbers or social security numbers were included in the data breach. Some Canadian customers were also affected, and they were alerted through mail as well. Capital One has not set up any websites or tools to check to see if you were affected. They are informing customers themselves, but you could contact them by phone to make sure your accounts are safe.

capital one breach

What to Do if Your Victim of Capital One Breach

Although Capital One and the FBI are assuring customers that none of the data was used for fraud, you may still want to explore a Capital One data breach 2019 check by contacting them and reviewing your credit reports with each of the credit reporting agencies. To get a copy of your credit report use this link: You can also contact each agency easily using the numbers  below:

  • Equifax : 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069.
  • Experian : 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013.
  • TransUnion : 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016.

Any Lawsuits and Settlements for Capital One Breach?

Currently, there are no lawsuits or Capital One data breach 2019 settlements, but Capital One is offering all customers TransUnion credit monitoring for two years. You can sign up for this service by contacting TransUnion directly or call Capital One at 1-844-388-8999.

Can My Information from Capital One Security Breach be Used for Identity Theft?

Even without being exposed to a data breach, your information may be stolen and used for identity theft. The perpetrator of this Capital One data breach posted some of the information online and tried to sell it but was caught before doing so. Even with reassurances by Capital One and the FBI, your personal details could have been leaked to someone with the intent of using it to defraud you. Be on the watch for phone calls or phishing emails in connection with Capital One breach. Capital One will only contact you by mail if you were affected.

capital one breach 2019

What to Do to Protect Yourself

The best protection for this type of incident is to sign up for credit monitoring and watch your accounts closely. Additional tips to stay safe are:

  • Change your bank and credit card login passwords often (and use complex combinations of letters, numbers, and symbols). 
  • Another option is to put a credit freeze on your accounts so no new accounts can be opened in your name with your express permission.
  • If you receive any suspicious emails that look like they came from Capital One, forward them to Do not open any attachments or click any links. 
  • If you think you have been a victim of fraud, contact banks or credit cards and report it. Have your credit card numbers and PINs changed as well.
Watch out for scams and visit the Capital One website for any updates or additional information.
About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in t ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. Wha ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

Latest Articles

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Anyone paying even little attention to cybersecurity knows that medical practices and services are some of the most targeted institutions in the world.

Weekly Cybersecurity Recap January 27

Weekly Cybersecurity Recap January 27

This week, our lineup is pretty hard-hitting. Some of the biggest names in, well, everything, have been hacked, with a combined victim total of well into the millions.

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp has been hacked repeatedly over the years; there is very little surprise in the breach, though one thing should be considered.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address