Credit card giant Capital One recently announced that a data breach occurred within the company that affected over 100 million bank customers and applicants in both the U.S. and Canada. The breach occurred on March 22 and 23, 2019, when Paige Thomson, a Seattle-based software engineer, accessed roughly 140,000 Social Security numbers and about 80,000 linked banked account numbers of their secured credit card customers. A statement by Capital One noted that the issue wasn’t detected until nearly three months later on July 19, 2019.
“We determined that an outside individual gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for our credit card products,” the company said.”
The majority of information came from consumers and small businesses that applied for credit cards from 2005 through early 2019. That data included names, addresses, phone numbers, email addresses, dates of birth, as well as portions of credit card data info such as credit scores, credit limits, and payment history.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened, said Richard D. Fairbank, Capital One Chairman and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
As a result of the incident, Capital One is investing heavily in cyber security and is tightening up their cyber defense. For those affected, the company will send a letter to those in the U.S. and are offering free credit monitoring and identity protection.
Data breaches can be costly, but also damaging to a company’s brand and reputation. From small merchants to large corporations, cyber criminals don’t discriminate. We look at ten steps to save your business from a data breach and make sure you are prepared.
- Plan ahead.
- Eliminate blind sports.
- Know your points of contact.
- Find your liability coverage.
- Vet third parties.
- Institute a dedicated response team.
- Engage outside vendors.
- Understand legal requirements.
- Reduce security weakness with layers of tokenization and encryption.
Data breach preparedness can be complex, but the results of a breach could be catastrophic. Small Business Trends states, “43 percent of cyber-attacks are aimed at small businesses.” Understanding best practice solutions can help reduce the risk of such a breach and ensure that you are prepared in the event that one does occur.