Just a few short days after the Equifax data breach settlement – which affected 147 million Americans – Capital One Financial has just issued a statement confirming that on July 19th 2019, there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers.
Based on their analysis, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO.
“I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
As The Washington Post reports, The FBI has arrested Paige A. Thompson, a Seattle area woman, on a charge of computer fraud and abuse, court records say. Thompson, who authorities say used the name “erratic” in online conversations, is suspected of “exfiltrating and stealing information, including credit card applications and other documents, from Capital One,” according to a criminal complaint filed in federal court. She was ordered to remain in jail pending a detention hearing scheduled for Thursday, according to court records.
It is unusual in a major hacking case for a suspect to be apprehended so quickly, and in this case, that was apparently due to boasts made online. In one online posting, “erratic” wrote:
“I’ve basically strapped myself with a bomb vest, [expletive] dropping capitol ones dox and admitting it,” according to the complaint.
We will notify affected individuals through a variety of channels. We will make free credit monitoring and identity protection available to everyone affected.
Safeguarding our customers’ information is essential to our mission and our role as a financial institution. We have invested heavily in cybersecurity and will continue to do so. We will incorporate the learnings from this incident to further strengthen our cyber defenses.
We are very thankful to the FBI’s Seattle Field Office and Special Agent Joel Martini, to U.S. Attorney Brian T. Moran, and to Assistant U.S. Attorneys Steven Masada and Andrew Friedman of the Western District of Washington for the speed with which they responded to this incident and apprehended the responsible party.
Bloomberg reports that in court on Monday, Thompson broke down and laid her head down on the defense table during the hearing. She is charged with a single count of computer fraud and faces a maximum penalty of five years in prison and a $250,000 fine.