Capital One said Monday that personal information, including the Social Security and bank account numbers of more than 100 million individuals, were compromised in a massive data theft that led to the arrest of a Seattle woman.
Paige A. Thompson, 33, a former software engineer, is accused of stealing data from Capital One credit card applications in what is one of the top 10 largest data breaches ever, according to USA TODAY research.
The FBI arrested Thompson on Monday for the theft, which occurred between March 12 and July 17, court records show. Among the data allegedly collected from a company cloud-based server were Social Security and bank account numbers.
Capital One data breach fallout:How to protect yourself
According to the Department of Justice, Thompson made her initial appearance in U.S. District Court in Seattle and has been detained pending an Aug. 1 hearing. Computer fraud and abuse is punishable by up to five years in prison and a $250,000 fine.
The bank said “the largest category of information” accessed from applicants who applied for credit cards between 2005 and 2019 was personal information including names, addresses, phone numbers, email addresses, dates of birth and self-reported income.
About 140,000 Social Security numbers were accessed and 80,000 bank account numbers from credit card customers, Capital One said.
Other data obtained includes credit scores, limits, balances and “fragments of transaction data from a total of 23 days during 2016, 2017 and 2018.”
Capital One said in a news release that “100 million individuals in the United States and approximately 6 million in Canada” were affected. The bank also set up a consumer website about the breach at www.capitalone.com/facts2019.
The breach was discovered on July 19 and the company said it “immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement.”
“While I am grateful that the perpetrator has been caught, I am…
Continue reading at USATODAY.com