6 million Canadians affected by major Capital One data breach

Jul 30 2019, 1:19 pm

Approximately 6 million Canadians have been affected by a major Capital One data breach.

According to Capital One Financial Corporation, on July 19, 2019, they determined there was “unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers.”

The Financial Corporation began working with federal law enforcement, and they say the FBI has arrested the individual responsible for the hack.

While Capital One says based on their analysis to date, they think its unlikely that the information was used for fraud, they are continuing to investigate.

See also:

While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO, in a statement. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

Based on their analysis to date, Capital One’s breach has also affected 100 million Americans.

In terms of the breach, they say that “no credit card account numbers or log-in credentials were compromised.”

“The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019,” said Capital One. “This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.”

Beyond the credit card application data, the individual also obtained portions of credit card customer data, including: Customer status data, such as credit scores, credit limits, balances, payment history, contact information, as well as some transaction data from a total of 23 days during 2016, 2017 and 2018.

Capital One says no American bank account numbers or Social Security numbers were compromised other than: “about 140,000 Social Security numbers of our credit card customers, and about 80,000 linked bank account numbers of our secured credit card customers.”

As for Canadian credit card customers, approximately one million Social Insurance Numbers were compromised in this incident.

“We will notify affected individuals through a variety of channels. We will make free credit monitoring and identity protection available to everyone affected,” said Capital One. “We will incorporate the learnings from this incident to further strengthen our cyber defenses.”