Capital One Hacked

[MichaelB]

News reports that Capital One credit cards was hacked. https://www.washingtonpost.com/nati...ory.html?noredirect=on&utm_term=.34bcdede255d

Capital One, the Virginia-based bank with a popular credit card business, announced Monday that a hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken

Pretty soon we'll need a new forum category just for hacks and data breeches. No telling yet how serious this is, but the announcement says credit card applications. That's just about everything - SS#, DOB, banking, address. Details to follow

 

[Dalmore]

We really need to come up with a way to verify identity that does not include SSN, DOB, Address & Phone numbers.

 

[sengsational]

One of the biggest problems with a "bad guy" having the information on your credit card application is that they can "replay" that information on another credit card application, but this time, with a different address. Yeah, so if it's not obvious, the credit card would go to that address too.


I've got a link that tells you how to freeze: https://clark.com/credit/credit-freeze-and-thaw-guide/

 

[GrayHare]

There's a reason they are named Capone.

Let me guess, after a few years they will pay everyone $125, and claimamts will need to enter name and SS# online where nothing can go worng. *facepalm*

 

[Corporateburnout]

It's a fact of life. It was Equifax and now Capital one and tomorrow another major bank or credit bureau will be hacked.

I realized that fact when I froze my credit in 2013 and DW's in 2015. Our info was compromised in the Equifax breach and I expect it will be compromised again.

 

[pn3069]

It's a fact of life. It was Equifax and now Capital one and tomorrow another major bank or credit bureau will be hacked.

I realized that fact when I froze my credit in 2013 and DW's in 2015. Our info was compromised in the Equifax breach and I expect it will be compromised again.

Freeze is the best option we have at the moment - I am not sure if any "freezes" were violated?

 

[audreyh1]

Wow!

I have no relationship with Capital One. But gosh, other credit issuers my have the same thing happen.

 

[W2R]

Apparently the hacker has been arrested!

The US Justice Department has confirmed it has arrested a former Seattle technology company software engineer in connection with the breach.

Paige Thompson, 33, was arrested on Monday on charges of computer fraud and abuse. She made an initial appearance in federal court in Seattle.

According to the BBC article linked to below, [-]this miserable piece of garbage[/-] Ms.Thompson was bragging about the malicious hack on an online forum, and someone notified Capital One about it.

She never gained access to credit card numbers,but did get other information as MichaelB described.

https://www.bbc.com/news/world-us-canada-49159859

 

[MichaelB]

Here’s the press release from Capital One https://www.capitalone.com/facts2019/

Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.

The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.

Canadian customers were also affected

For our Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised in this incident.

 

[njhowie]

This was an inside job. The hacker previously worked at Amazon and knew how to get access to Capital One's database which was hosted on AWS.

No matter what is done, there is always going to be a level of trust that is required in the folks who work on this stuff. It happen with Snowden, it happened with this hacker, it will happen again in the future, whether for altruistic reasons or malevolence.

 

[jazz4cash]

Nothing will be done to fix these issues as long as the cost can be passed along to the entire customer base. Heck, even election hacks don’t get the attention they should. This hacker was only detected by her own ego.

 

[Jeffman52]

That's why I'm opting for the 10 years of credit monitoring rather than the $125. Too many breaches in the last 5 to 10 years and no end in sight on those.

 

[sheehs1]

Like others, I was part of the Anthem and Equifax hacks. It's why I, along with others, froze my credit.
Not part of this Capitol One hack. At least I don't remember ever applying for a credit card with them.
This seems to be a way of life now. A separate thread for the hacks might be a good idea MichaelB!

 

[skipro33]

With a 100 Million hacked with just this one instance, the odds of any one customer being defrauded has got to be pretty small. Adding all the hacks, I'd say with some certainty that 100% of everyone who does electronic fund transfers, payments or charges of any kind has been compromised. Safety in numbers, what are the odds now that yours will be scammed?

Personally, I have a CreditKarma logon, free, and view my credit rating and changes several times a week. Takes just a minute or two to see if there's anything changed.

 

[Montecfo]

Services like Credit Karma are free.

 

[Montecfo]

Don't worry!
"Your data is safe in the CLOUD!"

 

[njhowie]

Don't worry!
"Your data is safe in the CLOUD!"

+1

Copy/paste on to the computer backup thread of the past few days with everyone backing up to the cloud.

 

[Chuckanut]

That's why I'm opting for the 10 years of credit monitoring rather than the $125. Too many breaches in the last 5 to 10 years and no end in sight on those.

I am not so sure about the monitoring. I had it after another breach a few years ago. I got a year free. About 6 months into the free year, I opened a new CC account with a major bank. Almost a month later the monitoring company informed me a new account had been opened in my name. A month later!!!! Imagine all the stuff the bad gals could have bought in that month had the new account been fraudulent.

A Freeze is the only worthwhile defense we have, IMHO.

 

[Jeffman52]

I am not so sure about the monitoring. I had it after another breach a few years ago. I got a year free. About 6 months into the free year, I opened a new CC account with a major bank. Almost a month later the monitoring company informed me a new account had been opened in my name. A month later!!!! Imagine all the stuff the bad gals could have bought in that month had the new account been fraudulent.

A Freeze is the only worthwhile defense we have, IMHO.

A month. Dang... Then, I agree, the only really effective defense is a freeze.

 

[FreeBear]

I am not so sure about the monitoring. I had it after another breach a few years ago. I got a year free. About 6 months into the free year, I opened a new CC account with a major bank. Almost a month later the monitoring company informed me a new account had been opened in my name. A month later!!!! Imagine all the stuff the bad gals could have bought in that month had the new account been fraudulent.

A Freeze is the only worthwhile defense we have, IMHO.

Thanks. Good to know a real world experience, even if negative. We’ve had our credit frozen for some time.

 

[aja8888]

I have a CC with them. It's rarely used as it's my backup. I get a text within seconds if it is used by me.