How an ex-Amazon Web Services tech Exposed Personal Information's in Capital One Breach

  • By David Lukic
  • Published: Feb 11, 2021
  • Last Updated: Mar 18, 2022

If you have read the news lately, you have heard about the capital one breach latest bank hack, which affected over 100 million Capital One customers.  The hacker, Paige Thompson (33), an ex-Amazon Web Services tech, was able to exploit a vulnerability in Capital One’s server firewall and steal millions of credit applications going back to 2005 up to 2019. The data stolen was personal information like names, addresses, income sources, dates of birth, phone numbers, email addresses, and social security numbers. Capital One states that no credit card numbers were stolen in capital one cyber incident. Additionally, Capital One reports that some additional types of information were stolen such as:

  • “Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information.
  • Fragments of transaction data from a total of 23 days during 2016, 2017, and 2018.
  • About 140,000 Social Security numbers of our credit card customers.
  • About 80,000 linked bank account numbers of our secured credit card customers.”

When Was the Capital One Breach?

The Capital One data breach occurred on March 22nd and 23rd of this year.  Capital One discovered the incident on July 19, 2019 and worked closely with the FBI to catch the criminal and recover the data. The FBI believes that none of the information was used for fraud or identity theft.

Capital One Data breach of 2019 How to Check If you were Breached

The first thing to consider is, are you affected by the Capital One data breach of 2019 and what to do about it.
Capital One has identified the affected parties and alerted them via mail if their bank account numbers or social security numbers were included in the data breach. Some Canadian customers were also affected, and they were alerted through mail as well. Capital One has not set up any websites or tools to check to see if you were affected. They are informing customers themselves, but you could contact them by phone to make sure your accounts are safe.

capital one breach

What to Do if Your Victim of Capital One Breach

Although Capital One and the FBI are assuring customers that none of the data was used for fraud, you may still want to explore a Capital One data breach 2019 check by contacting them and reviewing your credit reports with each of the credit reporting agencies. To get a copy of your credit report use this link: www.annualcreditreport.com. You can also contact each agency easily using the numbers  below:

  • Equifax : 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069.
  • Experian : 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013.
  • TransUnion : 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016.

Any Lawsuits and Settlements for Capital One Breach?

Currently, there are no lawsuits or Capital One data breach 2019 settlements, but Capital One is offering all customers TransUnion credit monitoring for two years. You can sign up for this service by contacting TransUnion directly or call Capital One at 1-844-388-8999.

Can My Information from Capital One Security Breach be Used for Identity Theft?

Even without being exposed to a data breach, your information may be stolen and used for identity theft. The perpetrator of this Capital One data breach posted some of the information online and tried to sell it but was caught before doing so. Even with reassurances by Capital One and the FBI, your personal details could have been leaked to someone with the intent of using it to defraud you. Be on the watch for phone calls or phishing emails in connection with Capital One breach. Capital One will only contact you by mail if you were affected.

capital one breach 2019

What to Do to Protect Yourself

The best protection for this type of incident is to sign up for credit monitoring and watch your accounts closely. Additional tips to stay safe are:

  • Change your bank and credit card login passwords often (and use complex combinations of letters, numbers, and symbols). 
  • Another option is to put a credit freeze on your accounts so no new accounts can be opened in your name with your express permission.
  • If you receive any suspicious emails that look like they came from Capital One, forward them to abuse@capitalone.com. Do not open any attachments or click any links. 
  • If you think you have been a victim of fraud, contact banks or credit cards and report it. Have your credit card numbers and PINs changed as well.
Watch out for scams and visit the Capital One website for any updates or additional information.
About the Author
IDStrong Logo

Related Articles

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that much a ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

Avoiding Scams During the 2024 Paris Olympics

Avoiding Scams During the 2024 Paris Olympics

Breakdancing is coming to the world stage while French citizens stage a creative protest with the hashtag "JeChieDansLaSeineLe23Juin.

What is a Brute Force Attack in Cybersecurity and How to Prevent it

What is a Brute Force Attack in Cybersecurity and How to Prevent it

In the world today, there is a plethora of critical data circulating the internet, leading to complex attacks like brute force attacks.

Watering Hole Attacks: What They Are and How to Prevent Them

Watering Hole Attacks: What They Are and How to Prevent Them

Hackers often lurk around the most popular websites, looking for ways to exploit users. These sites include ticket purchasing, travel, e-commerce, and banking.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close