Saturday, April 20, 2024
Latest:
Networkworld 

The latest large-scale data breach: Capital One | TECH(feed)

TH Author

HEY EVERYONE WELCOME BACK TO TECH FEED I’M JULIET BEAUCHAMP. EQUIFAX JUST SETTLED WITH THE F-T-C FOLLOWING ITS HUGE DATA BREACH IN 2017. AND NOT LONG AFTER, CAPITAL ONE ANNOUNCED IT WAS THE TARGET OF A MASSIVE DATA BREACH IN MARCH. LET’S TALK ABOUT THE CONSEQUENCES AND WHAT TO DO IF YOU’RE A VICTIM OF THE BREACH. STICK AROUND.

SO, THE BACKGROUND–CAPITAL ONE RECENTLY ANNOUNCED IT WAS BREACHED BACK IN MARCH. THE DATA OF OVER 100 MILLION PEOPLE WAS COMPROMISED IN THE HACK. IT WAS ALLEGEDLY CARRIED OUT BY A SOFTWARE ENGINEER IN SEATTLE, WHO HAD WORKED FOR AMAZON WEB SERVICES IN THE PAST. MILLIONS UPON MILLIONS OF CREDIT CARD APPLICATIONS WERE STOLEN. ONE HUNDRED FORTY THOUSAND SOCIAL SECURITY NUMBERS WERE ALSO STOLEN, ALONG WITH EIGHTY THOUSAND BANK ACCOUNT NUMBERS. AND AROUND ANOTHER ONE MILLION CANADIAN SOCIAL INSURANCE NUMBERS WERE COMPROMISED–THAT’S CANADA’S EQUIVALENT OF A SOCIAL SECURITY NUMBER.

IT SEEMS AS THOUGH THIS HACKER OBTAINED INFORMATION FROM CREDIT CARD APPLICATIONS FILED FROM 2005 THROUGH 2019. AND THE ALLEGED HACKER, PAIGE THOMPSON, OBTAINED THIS INFORMATION BY CRACKING INTO A SERVER THAT STORED CAPITAL ONE’S DATA. THIS SERVER WAS HOSTED BY NONE OTHER THAN HER FORMER EMPLOYER, AMAZON WEB SERVICES. CAPITAL ONE BUILT OTHER WEB APPLICATIONS ON TOP OF WHAT A-W-S OFFERS, AND THE HACKER WAS ABLE TO TARGET A MISCONFIGURATION IN ONE OF THOSE WEB APPLICATIONS TO ACCESS THE SERVER.

LARGE-SCALE DATA BREACHES HAVE BECOME STATUS QUO RATHER THAN RANDOM OCCURRENCES. AND CHANCES ARE, YOU OR SOMEONE YOU KNOW HAS BEEN A VICTIM OF A LARGE-SCALE DATA BREACH OVER THE PAST FEW YEARS. IT JUST GOES TO SHOW THE IMPORTANCE OF CYBERSECURITY FOR ENTERPRISES OF ALL KINDS, BUT ESPECIALLY THOSE DEALING WITH PRIVATE OR FINANCIAL DATA. YOU CAN BE AS CAREFUL AS YOU WANT ABOUT MONITORING SUSPICIOUS LOOKING EMAILS OR ENTERING CREDIT CARD INFORMATION ON CERTAIN WEBSITES, BUT IN CASES LIKE THIS ONE, THERE’S REALLY NOT MUCH YOU AS AN INDIVIDUAL CAN DO TO GUARD YOUR DATA. IF YOU HAVE BEEN AFFECTED, CAPITAL ONE WILL NOTIFY YOU. AND THE BANK WILL OFFER CREDIT MONITORING SERVICES FOR FREE FOR THOSE WHOSE DATA HAS BEEN COMPROMISED.

THANKS FOR WATCHING THIS EPISODE OF TECH FEED. IF YOU LIKED THIS VIDEO BE SURE TO GIVE IT A THUMBS UP AND SUBSCRIBE TO OUR CHANNEL. WE’LL KEEP YOU UPDATED AS MORE NEWS ABOUT THIS BREACH COMES OUT. AND WE’LL BE FOLLOWING ALONG WITH LEGAL PROCEEDINGS. SEE YOU NEXT TIME.

READ MORE HERE

You May Also Like

What to expect when the Internet gets a big security upgrade

TH Author 0

Gartner crystal ball: Looking beyond 2020 at the top IT-changing technologies

TH Author 0

This Week in Security News: ZDI Bug Hunters Rake in $1.5M in 2019 and Metamorfo Trojan Malware Campaign Targets Online Banking Users

TH Author 0