Capital One data breach: Ex-staffer of Amazon arrested for stealing info on millions of customers

Capital One
Capital One Reuters

American bank Capital One has become the victim of this year's biggest data breach as a hacker gained access to more than 100 million of US customer data and six million Canadian customers' accounts and card applications. A former female Amazon employee was arrested as the prime suspect from Seattle on Monday, July 29 by the FBI.

The 33-year-old Paige Thompson has been accused of stealing the personal data of millions of Capital One customers. As per the US Department of Justice, the alleged hacker gained access to 140,000 Social Security numbers, one million Canadian Social Insurance numbers and 80,000 bank account numbers in addition to an undisclosed number of customers' names, addresses, credit scores, credit limits, balances and other sensitive information.

FBI agents searched her home on Monday and found files and information related to Capital One and Amazon, according to a lawsuit filed by the US Department of Justice. It was also revealed by Joel Martini, the FBI Special Agent in the case, that they found an online alias by name "erratic," allegedly connected to Thompson where she had posted online in late June about securing confidential information on several companies, government entities and educational entities.

As per the company headquartered in McLean, Virginia, the cyber attack was conducted between March 22 and 23 and it includes credit card applications made way back in 2005. But the company has confirmed that they have fixed the vulnerability and further assured that "no credit card account numbers or log-in credentials were compromised and over 99% of Social Security numbers were not compromised."

Capital One CEO Richard Fairbank in a statement said, "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."

Tom Kellermann, Chief Cybersecurity Officer, Carbon Black
Tom Kellermann, Chief Cybersecurity Officer, Carbon Black

Meanwhile, Tom Kellermann, the Chief Cybersecurity Officer of the cybersecurity company, Carbon Black, based in Massachusetts reached out to IBTimes Singapore and shared his perspective on Capital One data breach.

"This breach highlights a few important realities for cybersecurity in 2019. First, perimeter-based security measures will not prevent 100 percent of attacks, 100 percent of the time. Without visibility into what's occurring on an enterprise, a business may be completely blind to attacks like this, especially when you consider that Paige Thompson once worked at Amazon as an engineer for the same server business that supported Capital One," he said.

Kellermann mentioned that modern cyber threats can come from any domain, including former employees, partners or contractors. He also advised that a "business needs to consider all the potential risks and work to gain visibility across the business into where potential weaknesses exist."

In addition, he stated that "it's absolutely imperative for businesses to be securing their cloud infrastructures and the critical data they hold... Capital One is one of the most 'cloud-forward' financial companies in the world; they should be partnering with solution providers who are intimately aware of how to keep the cloud secure."

But what shouldn't be lost in this is that the financial company is one of the globe's most recognizable and ubiquitous financial brands that houses critical financial and personal information, he further added.

Kellermann mentioned that the recent research by Carbon Black showed that financial institutions are increasingly being targeted by advanced attacks that leverage "island hopping," lateral movement, counter incident response and file-less attacks, adding that "The modern bank heist is now in cyberspace."

Kellermann also advised the customers of Capital One who are concerned about this data theft that they should "keep a close eye on their statements and report any suspicious activity immediately. Customers should also consider signing up for security alerts from Capital One and be extra vigilant over the coming months for possible phishing emails."