How an ex-Amazon Web Services tech Exposed Personal Information's in Capital One Breach

  • By David Lukic
  • Published: Feb 11, 2021
  • Last Updated: Mar 18, 2022

If you have read the news lately, you have heard about the capital one breach latest bank hack, which affected over 100 million Capital One customers.  The hacker, Paige Thompson (33), an ex-Amazon Web Services tech, was able to exploit a vulnerability in Capital One’s server firewall and steal millions of credit applications going back to 2005 up to 2019. The data stolen was personal information like names, addresses, income sources, dates of birth, phone numbers, email addresses, and social security numbers. Capital One states that no credit card numbers were stolen in capital one cyber incident. Additionally, Capital One reports that some additional types of information were stolen such as:

  • “Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information.
  • Fragments of transaction data from a total of 23 days during 2016, 2017, and 2018.
  • About 140,000 Social Security numbers of our credit card customers.
  • About 80,000 linked bank account numbers of our secured credit card customers.”

When Was the Capital One Breach?

The Capital One data breach occurred on March 22nd and 23rd of this year.  Capital One discovered the incident on July 19, 2019 and worked closely with the FBI to catch the criminal and recover the data. The FBI believes that none of the information was used for fraud or identity theft.

Capital One Data breach of 2019 How to Check If you were Breached

The first thing to consider is, are you affected by the Capital One data breach of 2019 and what to do about it.
Capital One has identified the affected parties and alerted them via mail if their bank account numbers or social security numbers were included in the data breach. Some Canadian customers were also affected, and they were alerted through mail as well. Capital One has not set up any websites or tools to check to see if you were affected. They are informing customers themselves, but you could contact them by phone to make sure your accounts are safe.

capital one breach

What to Do if Your Victim of Capital One Breach

Although Capital One and the FBI are assuring customers that none of the data was used for fraud, you may still want to explore a Capital One data breach 2019 check by contacting them and reviewing your credit reports with each of the credit reporting agencies. To get a copy of your credit report use this link: You can also contact each agency easily using the numbers  below:

  • Equifax : 1-800-525-6285; Equifax Information Services LLC, P.O. Box 105069, Atlanta, GA 30348-5069.
  • Experian : 1-888-EXPERIAN (397-3742); P.O. Box 9532, Allen, TX 75013.
  • TransUnion : 1-800-680-7289; Fraud Victim Assistance Department, P.O. Box 2000, Chester, PA 19016.

Any Lawsuits and Settlements for Capital One Breach?

Currently, there are no lawsuits or Capital One data breach 2019 settlements, but Capital One is offering all customers TransUnion credit monitoring for two years. You can sign up for this service by contacting TransUnion directly or call Capital One at 1-844-388-8999.

Can My Information from Capital One Security Breach be Used for Identity Theft?

Even without being exposed to a data breach, your information may be stolen and used for identity theft. The perpetrator of this Capital One data breach posted some of the information online and tried to sell it but was caught before doing so. Even with reassurances by Capital One and the FBI, your personal details could have been leaked to someone with the intent of using it to defraud you. Be on the watch for phone calls or phishing emails in connection with Capital One breach. Capital One will only contact you by mail if you were affected.

capital one breach 2019

What to Do to Protect Yourself

The best protection for this type of incident is to sign up for credit monitoring and watch your accounts closely. Additional tips to stay safe are:

  • Change your bank and credit card login passwords often (and use complex combinations of letters, numbers, and symbols). 
  • Another option is to put a credit freeze on your accounts so no new accounts can be opened in your name with your express permission.
  • If you receive any suspicious emails that look like they came from Capital One, forward them to Do not open any attachments or click any links. 
  • If you think you have been a victim of fraud, contact banks or credit cards and report it. Have your credit card numbers and PINs changed as well.
Watch out for scams and visit the Capital One website for any updates or additional information.
About the Author
IDStrong Logo

Related Articles

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

What is Digital Citizenship? Etiquette & Examples

What is Digital Citizenship? Etiquette & Examples

When someone is born on US soil, they are a national citizen; with this distinction, they obtain a list of entitlements and benefits, as well as societal obligations and predetermined consequences for bad behavior.

What Does Incognito Mean, How Does It Work, and Is It Really Safe?

What Does Incognito Mean, How Does It Work, and Is It Really Safe?

How do you browse the Internet? Using a primary browser, you can turn on "incognito mode," which increases your privacy on singular devices but is also less concealing than other privacy tools like virtual private networks (VPNs).

AI Voice Cloning: The New Frontier for Cybercriminal Fraud and How to Protect Yourself

AI Voice Cloning: The New Frontier for Cybercriminal Fraud and How to Protect Yourself

Many members of the younger generations avoid answering phone calls. On the one hand, this avoidance may be personal, as voice calls can sometimes cause anxiety; however, there is more to these rejections than nervousness.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Exposure Scan
Instantly and Securely Check if Your Personal Information is Exposed on the Dark Web or Sold by Data Brokers
Please enter first name
Please enter last name
Please select a state
Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address