Capital One, the giant financial services firm, was the target of a hack that affected the personal details of more than 106 million individuals across the US and Canada. As of writing this blog, an arrest has been made in connection with the hack after the attacker, Paige Thompson, was reportedly boasting about it online.
The breach apparently included personally identifiable information in the form of names, addresses and phone numbers of Capital One customers and applicants. Importantly, according to Capital One, the hacker did not gain access to credit card account numbers.
Despite this, the breach is said to be one of the largest breaches in banking history.
Who Was Affected by the Capital One Breach?
In a statement released earlier this week, Capital One commented that the breach had affected around 100 million individuals in the USA and six million individuals in Canada. The statement also added that around 140,000 social security numbers and 80,000 bank account numbers were affected in the US, with approximately one million social insurance numbers of Capital One credit card customers compromised in Canada.
In addition to basic forms of PII, the hacker was able to get credit scores, limits, balances, payment history and contact details.
What Can We Learn from This Breach?
Breaches like this serve to highlight the importance of data-centric security. Attitudes towards data breaches are shifting rapidly, due in part to the introduction of stricter, more modern legislation in the form of the GDPR and CCPA. Organizations are now beginning to make data security a priority. However, breaches like this still occur and are almost impossible to prevent altogether. So, what can you do to mitigate the risks?
In many ways, data security is about taking responsibility. All too often we see departments, organizations or individuals passing off responsibility to others. Data and the security thereof, regardless of where it is stored, should be the responsibility of the company that holds it. You must make sure that you have the appropriate security controls, processes, practices and solutions in place.
Cloud services have led to greater collaboration between organizations, more convenience and more risk to data security. Companies in general now seem to have more data being generated than ever before and easier access to it. If your data lies in the cloud, you still have the responsibility to secure it; you cannot rely on the security of the cloud services provider.
This breach involved a malicious insider that gained access to an elevated service account through a vulnerability in a web application firewall. They were then able to read and copy sensitive files and folders. It serves to remind people of the importance of monitoring your users, as insider threats tend to be the source of more sophisticated, more damaging and harder-to-detect breaches. Many companies are still slow to take up solutions that monitor unauthorized access and spot anomalous user behavior. Hopefully the Capital One breach will help to change these attitudes.
If your organization was affected by a breach like this, would you be able to quickly detect it and respond to it? Would you know exactly what data was involved so that you could notify the correct authorities and individuals?
If not, then you should look at a Data Security Platform that can help to automate much of this. Schedule a demo with one of our engineers today to learn more about how LepideAuditor can help you detect and respond to a data breach. Alternatively, Lepide provides free risk assessments to help you get to grips with the current vulnerabilities in your security and how to improve.