Capital One has been hacked resulting in over 100 million applications and accounts being compromised
With the Capital One Hack, this marks one of the largest data breaches ever, with a hacker gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers. With an unknown number of names, addresses, credit scores, credit limits, balances and other bits of information.
This hack took place on March 22nd and March 23rd. While they have claimed to have fixed the issue, they have also stated that it would be unlikely that the information was used for fraud or disseminated by this individual.
Who was the Hacker?
The hacker was Paige Thompson, they were arrested Monday in connection with the breach. She gained access by exploiting a misconfigured web application firewall per the court filling. While she managed to “hack” into Capital One, she was less than careful about posting it online. Using services like Slack, she explained the method she used to break into Capital One.
Capital One used Amazon’s servers to store their data. Which per the Justice Department, she was able to use a “special” command to extract files in a Capital One Directory which was store on Amazon’s servers. Once we find out more details, we will make sure to post about them here.
This is why we at Rezz Tech stress the importance of setting up your businesses firewalls and network security by someone who has experience. With this Capital One Hack, we hope to see business owners see the importance in their IT companies / staff. This is something that you might view as an unneeded expense, but when something like this happens to your business you will think differently.