It’s a day that ends in “y,” and you know what that means… there was another data breach!
Capital One data breach impacts 100+ million people
Capital One has announced a data breach, where on July 19, 2019, they discovered there was unauthorized access by an outside individual who obtained certain types of personal information related to card members.
Capital One says that they immediately fixed the configuration vulnerability that the individual exploited, and they have worked with federal law enforcement. The FBI has arrested the person responsible for this.
Capital One says that they believe it is unlikely that the information was used for fraud or disseminated by this individual, though they are still investigating.
This breach impacts approximately 100 million individuals in the United States, and up to six million individuals in Canada.
While no credit card account numbers or log-in credentials were compromised, some social security numbers were compromised.
For those who applied for cards between 2005 and early 2019, it’s possible that information including names, addresses, zip codes, phone numbers, email addresses, dates of birth, and self-reported income was compromised.
Beyond that, the following may have been compromised:
- Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information
- Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018
No bank account numbers or Social Security numbers were compromised, other than:
- About 140,000 Social Security numbers of credit card customers
- About 80,000 linked bank account numbers of secured credit card customers
Capital One says that they’ll notify the individuals impacted through a variety of channels, and will offer free credit monitoring and identity protection to everyone affected.
Apparently the 140,000 Social Security numbers that were compromised were for those who applied for small business credit cards as sole proprietorships, using their Social Security number as their Tax ID.
Maybe I’m being too casual about here, but am I the only one who is at the point where I’m just totally desensitized to this stuff?
Sure, I don’t like the idea of my data being stolen, but I also don’t think being too worried will get me anywhere? I provide my fingerprints when I enter China. I “expose” my credit card number every time I go to a restaurant. I feel like there are so many parties that have my data, and the best I can do is frequently monitor my credit and hope for the best.
That’s really the extent of my feelings on this, for better or worse.