Capital One hit by major data breach

News
By published

Company reveals news of breach following arrests

capital one
(Image credit: Shutterstock.com)

Capital One has revealed it suffered a major data breach that left the data of millions of customers at risk.

The financial giant said that around 106 million customers in the US and Canada may have had their personal details stolen in the attack, with information such as names, addresses and phone numbers all at risk.

However credit card details and numbers were not hit in the attack, the company said., with log-in credentials also unaffected.

'Deeply sorry'

Capital One announced the news following the arrest of the alleged hacker by the US Justice Department, which confirmed Paige Thompson, a 33-year-old former Seattle technology company software engineer, had appeared in court earlier today.

Thompson was reported to police by a GitHub forum users after she apparently boasted of the attack online. If convicted, she faces the possibility of up to five years in prison and a $250,000 fine.

The hack itself was reported on July 17th, with the hacker apparently able to exploit a "specific configuration vulnerability" in the company's infrastructure, Capital One said.

In total, Capital One believes the breach affected approximately 100 million individuals in the US, as well as six million more in Canada. 

Around 140,000 US social security numbers and 80,000 linked bank account numbers are thought to be compromised, with about one million social insurance numbers belonging to Canadian credit card customers also affected.

Aside from names and dates of birth, the hacker also managed to obtain credit scores, limits, balances, payment history and contact information.

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," Capital One Chairman Richard Fairbank said in a statement.

"I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right."

The company says it will notify those affected and will provide free credit monitoring and identity protection.

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
More about security
Money

Financial leaders still rely on regular tools like Excel for automation tasks over AI
Half man, half AI.

Generative AI has a long way to go as siloed data and abuse of its capacity remain a downside – but it does change the game for security teams
BraX3

This obscure brand wants to launch the most privacy-friendly smartphone ever without Google, but with a mysterious open-source OS at its core
See more latest
Most Popular
BraX3
This obscure brand wants to launch the most privacy-friendly smartphone ever without Google, but with a mysterious open-source OS at its core
HAMR
Seagate reportedly sold two billion GBs worth of storage to two of the world's largest tech companies
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
Oracle
Bluehost owner is moving to Oracle Cloud, so could thousands of websites be about to migrate?
Money
Financial leaders still rely on regular tools like Excel for automation tasks over AI
Two examples of the Asus Fragrance Mouse MD101 sitting on a table
Your next computer mouse could have a fragrance compartment for aromatherapy oils – and this Asus idea is nothing to sniff at
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models