Capital One revealed a massive data breach today that affected more than 100 million people, exposing credit card applications, bank account information and Social Security numbers in possibly the biggest bank breach ever.
The bank announced the hack the same day the FBI arrested a suspect, Paige A. Thompson, who reportedly worked for Amazon Web Services before the digital theft took place.
Capital One said it discovered the breach on July 19 after details of the hack were posted on the code sharing website GitHub.
The criminal complaint filed against Thompson in the District Court for the Western District of Washington at Seattle said the breach occurred between March 12 and July 17.The Justice Department identified Thompson as a former Seattle technology company software engineer, but The Wall Street Journal reported she worked for AWS from 2015-2016. The cloud computing giant is competing for a $10 billion cloud computing contract at the Pentagon.
The majority of the nearly 100 million U.S. individuals and 6 million Canadians affected were from small businesses that applied for credit cards between 2005 and 2019. The compromised data included information common to such applications, including dates of birth and self-reported income, Capital One said.
In some cases, the breach included access of other information, such as 140,000 Social Security numbers for credit card customers and 80,000 linked bank account numbers.
"Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual," Capital One said in a statement.
Capital One will provide free credit monitoring to victims, the company said. It also said it had identified the vulnerabilities exploited and fixed them.
Article originally published on POLITICO Magazine