Yesterday, Capital One informed that on 19th July, the company discovered ‘unauthorized accesses to its sensitive information database. The individual behind this act has been arrested. The offender stole 100 million Capital One customer’s account and credit card information.
The crime and the culprit-
Paige Thompson is the alleged hacker behind this crime. As per sources, Thompson resided in Seattle and was arrested yesterday by the FBI. The charges on her are unauthorized access to the personal data of the Capital One customer.
Reports tell that Thompson was a former software engineer for a cloud hosting company which was used by Capital One. Her gateway into the company’s data was through the poorly configured web application firewall, as per court filings.
The details of the damage caused-
As per the information supplied by the company, by far the hack has affected-
- Around 100 Million U.S. based individuals, out of which-
- 6 million are from Canada. Around 1 million social insurance numbers were compromised.
- The information on customers and small businesses from 2005 to 2019 for credit card application was the steak for the hacker. The focus here was on the company’s regular collection of information during credit card applications which included-
- Zipcodes/postal codes,
- Phone numbers,
- Email addresses,
- Dates of birth, and
- Self-reported income
- From the credit card customer information, the hacker targeted at-
- Credit scores,
- Credit limits,
- Payment history,
- Contact information
- Transaction information during 2016, 2017, and 2018 (from a total of 23 days.)
- Approximately 140,000 Social Security numbers of credit card customers were compromised.
- Additionally, around 80,000 linked bank account numbers of secured credit card customers were also compromised.
Measures to fix the damage-
The company has fixed the ‘configuration vulnerability’ which allowed the hacker to get into the crucial information. Further, Capital One has started to work with federal law enforcement to fix the remaining matters. The company has assured that due investigations are going on, despite by far it believes that the leaked information was ‘unlikely’ used for any fraud by the hacker.
Capital One’s Chairman and CEO- Richard D. Fairbank said-
While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. […] I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.
Further, the company has assured to make ‘free credit monitoring and identity protection’ for everyone. Taking the security far more seriously, the financial institution has invested in cybersecurity to ensure further safety
The resilient Bitcoin-
Anthony Pompliano, the co-founder of Morgan Creek Digital Assets, posted this on his twitter handle-
No one has ever hacked Bitcoin. It is the most secure computing network in the world.
The plan for hacking Bitcoin will require the hacker to gain information on the private keys of every user in order to flow on the blockchain ledger. The decentralized nature of the Bitcoin acts as strong security in comparison to centralized bodies such as Capital One. Issues such as these that are related to the centralized system is giving birth to the decentralized structure. The decentralized system is the answer to the times when the global market is turning into the local market.
Several market experts from crypto sphere point at the importance of the financial privacy and how any further continuing with the old patterns regarding customer’s sensitive information can lead to sudden falls in both the online as well as the offline worlds. The centralized nature of Capital One made it easy prey for hacking; decentralization could have saved it!