The capital one bank announced that a hacker swiped credit card applications, Social Security numbers, and bank account information affecting more than 100 million people from its server. The New York Times reported that authorities say they arrested a suspect, Seattle software engineer Paige Thompson after she posted about the incident on social media.
Prosecutors say Thompson posted on Slack, “I’ve basically strapped myself with a bomb vest, dropping capital ones dox and admitting it.” According to the New York Times, FBI was initially alerted after the breach on July 19th, by her posts on the social network meetup where Thompson ran a group called Seattle Warez Kiddies for “anybody with an appreciation for programming, distributed systems, cracking, hacking.” From that point, FBI traced her online activity to accounts on Slack and Twitter where she allegedly bragged about the hack.
According to the reports from BBC, Thompson has been charged with computer fraud and abuse. She faces a maximum sentence of a $250,000 fine and up to five years in prison. According to the court documents, the FBI says, to breach the bank’s server, the hacker took advantage of a “firewall misconfiguration”. It also said that the hacker made off with 140,000 Social Security numbers and 80,000 bank account numbers. In total, heist compromised data affecting nearly 100 million people in the United States and 6 million in Canada.
The bank’s CEO, Richard D. Fairbank, apologized for the incident in a statement on Monday. He wrote, “I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”
In the wake of the data breach, to anyone affected from the same, free credit monitoring and identity protection are offered by Capital One.
Cited Article Sources:
http://press.capitalone.com/phoenix.zhtml?c=251626&p=irol-newsArticle&ID=2405043
https://www.bbc.com/news/world-us-canada-49159859