On July 29, 2019, Capital One suffered a historic Data Breach involving 106 million people’s records, including; social security numbers, bank account numbers, names, addresses, credit applications, credit limits, credit balances and other information being compromised. Although historic in nature, this breach differs from those such as Equifax and or Marriott due to the principle of the hack.
The criminal was not in conjunction with an outside hacking ring nor did she use ransomware to obtain the supposedly secure and highly private information. Instead, she was a former software engineer at Amazon S3 web services, the cloud company that Capital One was using. She extracted files in a Capital One directory stored on Amazon’s servers by finding a loophole and exposing a misconfigured firewall and was able to continue doing so by using a ‘Tor’ private browser and Virtual Private Network ‘IPredator’ that allowed anonymity. The breach began in March of 2019 and was only just brought to attention in July of 2019.
What this means for you:
The cyber-world is vast, very technical, and leaves many people with little knowledge of this expansive industry. In turn, millions of people put a lot of trust in these big companies for the safekeeping of their private and personal information. We are living in a time where everything is going digital so there are vital steps in which you should take to protect yourself, should you ever be a victim of a data breach.
Carrie Kerskie, Identity Theft Expert and President of Griffon Force said, “You need to do a credit freeze with the Five (5) bureaus 1. Equifax 2. Experian 3. Transunion 4. NCTUE 5. Innovis, and by doing it online you will receive an email confirmation.”
As mentioned before, due to the wide-ranging and complexity of the Cyber Industry, it may present challenges in doing your Due Diligence, so it would be in your best interest to monitor your accounts closely and often. Make sure to set up alerts when your balance changes, when a suspicious charge was made both inside or outside of the United States, when your account has been logged into, if your social security number was used to attempt opening an account or taking out a loan. These steps are free and highly recommended while doing your due diligence.
Listen to our Founding Partner, Chris Vernon reframe what happened with the Capital One breach and also touch on the necessary steps to educate and protect yourself during a cyber attack, data breach or any future breaches/attacks:
If you believe you or your clients have been the victim of a data breach or other cyberattack, we urge you to act quickly to contact:
Brooke Sandoval-Banker at sandovalbanker@vernonlitigation.com and, in turn, we can begin to act quickly to mitigate your damages, both legally and commercially.
In addition to representing clients impacted by data breaches and cyberattacks, founding partner Chris Vernon is a member of the Collier Identity Theft Task Force in Collier County and Chairman of Griffon Force and speaks regularly on cyberlaw issues and Vernon Litigation Group Attorney has written extensively on cybersecurity issues.