On the heels of Equifax's data-breach settlement earlier this week, yet another financial institution's server has been compromised, exposing the sensitive information of more than 100 million customers. On July 19, Capital One's data was breached by hacker Paige Thompson, who gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank-account numbers, as well as the credit scores, credit limits, balances, payment history, contact information, and transaction data of an unknown number of customers. The company says that it will notify all those affected and provide free credit monitoring and identity protection to these individuals.
Thompson, a former employee of Amazon Web Services, the cloud-hosting company used by Capital One, reportedly attempted to share the leaked information online. She was arrested yesterday for her role in the breach. Most of the leaked information comes from credit card applications submitted between 2005 and 2019 and includes names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.
If you may have been affected by the Capital One data breach, Dana Marineau, Credit Karma's VP and financial advocate, recommends the following three steps. First, monitor your credit with a credit-monitoring tool so you can be alerted to any changes in your credit report. Second, use an ID-monitoring tool that will notify you if your information was exposed as a result of this breach. And lastly, lock or freeze your credit. This will make your credit report inaccessible without your permission.