Last month police arrested a former employee of Amazon (AMZN) Web Services, the cloud hosting company that Capital One used. The alleged hacker illegally obtained sensitive data from Capital One through a misconfigured web application firewall. This individual not only hacked the data, but posted on various platforms that she had the data and was going to distribute it, taking no precautions in hiding ‘her’ identity in doing so, as reported by several major news publications.
This data breach affects about 6 million in Canada and includes 1 million social insurance numbers along with bank account numbers, names, addresses, date of birth, credit scores, names and addresses. The data breach contains information on individuals completing applications as far back as 2005.
Capital One also offers Canadian credit card products through Costco and Hudson’s Bay Co. however there is no indication this information has been compromised.
If you have products from Capital One, the company will be notifying all those affected by mail.
This is one of the largest data breaches along with Yahoo 2013/14 3 billlion; First American Financial Corp 2019 885 million; Facebook 2019 540 million; Marriott International 2018 500 million; Friend Finder Networks 2016 412.2 million – according to CNBC.
“Year after year our analysis shows that more than 90 per cent of data breaches are preventable – in 2018 it was 95 per cent. This is a grave reminder that companies holding personal and sensitive data need to be extra vigilant.” ~Jeff Wilbur, director of the Online Trust Alliance Initiative, The Internet Society. An excerpt from Canada.com
Global News report on what you can do to keep your personal data safe from hackers https://globalnews.ca/video/rd/1578848835633/
What To Do If Your Data Has Been Compromised
- Ask for and monitor your credit report
- Monitor all bank accounts and other credit cards for discrepancies
- Set up alerts for suspicious behaviour on accounts that have this feature
- Report any findings not made by you to the entity itself as well as your local fraud unit
- Be cautious where you enter your information
- Ask questions about how your data is protected prior to giving sensitive information
- Contact TAG Computer Services for a DARK WEB SCAN – the scan generates a report outlining any sensitive information that may be out there on the dark web due to hacks, it includes passwords that may have been compromised as well.