100 Million Capital One Customers Were Hacked
Another day, another multi-national bank is hacked... via Market Watch:
The hacker got information including credit scores and balances, zip codes, email addresses, dates of birth, self-reported income and payments history, fragments of transaction data, plus the Social Security numbers of about 140,000 customers and 80,000 bank-account numbers from credit-card customers, the bank said. It will offer free credit-monitoring services to those affected. Consumers and small businesses who applied for credit cards from 2005 through early 2019 are most at risk.
It's one of the biggest breaches of a major financial institution ever. Four months after the incident occurred, within just 10 days of Capital One discovering it, the FBI has already made an arrest in connection with the crime:
Seattle resident Paige A. Thompson, 33, was charged Monday with one count of computer fraud and abuse, according to the FBI and court records. Thompson, the criminal complaint alleges, went by the hacker name "erratic" in many online accounts and forums. She allegedly exploited a misconfigured firewall to access a Capital One cloud repository and exfiltrate data sometime in March. On April 21, the FBI says, Thompson posted the data to her GitHub account, which included her full name and resume. It is unclear whether anyone downloaded the data after she allegedly posted it, but they very well may have given that Thompson allegedly talked openly about stealing the data, even on Slack.
For a l33t hax0r, Thompson doesn't sound like the brightest criminal. We'll keep monitoring this story.