Capital One fined $80 million for breach that exposed 100 million accounts

Capital One Bank has been penalized for data breach that occurred when it shifted operations to cloud-based service.



Capital One Financial Corp. has been penalized $80 million by the U.S. Treasury Department for a data breach of its accounts that occurred a year ago.

It has been accused of carelessness in its security network that enabled a hack to access personal information of 106 million credit cardholders of the bank.

Capital One migrated its operations to a cloud-based service in 2015 and it seems that enough security and risk management protocols were not put in place to prevent such a breach, claims the department.

The Comptroller of Treasury said the bank’s own internal audit failed to identify “numerous weaknesses” in its management of the cloud environment and “engaged in unsafe or unsound practices that were part of a pattern of misconduct.”

Capital One 2019 Data Breach Fined Penalized

Capital One HQ

Capital One in its consent order to the government body has committed to fixing the problem. Capital One’s breach is one of the largest of its kind. The 2019 breach compromised about 140,000 Social Security numbers and 80,000 bank account numbers, says a news report.

A hacker obtained personal information, including names and addresses of about 100 million individuals in the United States and 6 million people in Canada. The suspected hacker was a former employee of Amazon Web Services, a cloud provider where the bank had moved some of its data.

“Safeguarding our customers’ information is essential to our role as a financial institution,” said a bank representative in a statement. “In the year since the incident, we have invested significant additional resources into further strengthening our cyber defenses, and have made substantial progress in addressing the requirements of these orders.”

The perpetrator of the crime has been identified as one Paige Thompson, working with Amazon. S/he has denied the charges.

Thompson is set to stand trial in February. She is transgender and her lawyers have requested that she be sequestered at a halfway house, keeping her mental health in mind. But the judge in the case denied the request saying she was a flight risk and danger to others.

No evidence has emerged that Thompson sought to benefit financially from the hack.

The Office of the Comptroller of Currency has also ordered the bank to overhaul its operations to ensure it is adequately guarding against general cybersecurity risks and risks specific to cloud operations. The OCC also wants the bank to submit those plans for review. The bank faces similar scrutiny from the Federal Reserve.

The data breach should alert other banks that are migrating data to cloud-based services.

Banks are now being lured by such outsourcing services, which offer a cost-effective way for storing huge databases that require a lot of upkeep in-house.

The problem is that safety is compromised. Banks across the globe have embraced cloud solutions offered by the likes of Amazon, Google, and Microsoft.

Some argue that the new system is more secure as the cloud servicing companies are huge software companies with sophisticated high-end security measures.

But as is evident by the current security breaches that happened at Twitter, Amazon, and the Waymo patent documents, sometimes in-house personnel compromise and give access to secrets.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Aon – Willis asset disposal aims to ease approval of $30 billion merger

Aon – Willis asset disposal aims to ease approval of $30 billion merger

Aon Plc and Willis Towers Watson have agreed to sell $3.6 billion worth of assets to rival Arthur J. Gallagher & Co. in a bid to appease European competition regulators over th
19 hours ago
Roblox declares Q1, reports $387 million revenue as bookings increase

Roblox declares Q1, reports $387 million revenue as bookings increase

Roblox, the hugely popular online gaming platform, reported its first-quarter earnings after becoming a listed company. Its revenue more than doubled as the videogame company benef
2 days ago
Weak US job report results in volatile market

Weak US job report results in volatile market

A weak job report resulted in a record close on Friday for the US stocks. The US labor department’s monthly non-farm payrolls report revealed employers hired 266,000 new workers
3 days ago
Star and Blackstone launch bids to buyout Australia’s Crown Resorts

Star and Blackstone launch bids to buyout Australia’s Crown Resorts

A bidding war has broken out between Australian casino company Star Entertainment Group and US private equity investor Blackstone Group over Crown Resorts, Australia’s bigges
3 days ago
5 Most Expensive Divorce Settlements in History

5 Most Expensive Divorce Settlements in History

Almost half of the marriages end in divorce is an oft-quoted adage, but surprisingly, this is not true in today’s world. The reasons are varied, gender equality, the higher p
4 days ago
JPMorgan Chase appoints two new CIOS in bid to make its C-suite more diverse

JPMorgan Chase appoints two new CIOS in bid to make its C-suite more diverse

JPMorgan Chase, the largest U.S. bank by assets, has appointed two new executives to head its information units in a bid to make its workforce more inclusive and increase racial an
4 days ago