Capital One fined $80 million for breach that exposed 100 million accounts

Capital One Bank has been penalized for data breach that occurred when it shifted operations to cloud-based service.



Capital One Financial Corp. has been penalized $80 million by the U.S. Treasury Department for a data breach of its accounts that occurred a year ago.

It has been accused of carelessness in its security network that enabled a hack to access personal information of 106 million credit cardholders of the bank.

Capital One migrated its operations to a cloud-based service in 2015 and it seems that enough security and risk management protocols were not put in place to prevent such a breach, claims the department.

The Comptroller of Treasury said the bank’s own internal audit failed to identify “numerous weaknesses” in its management of the cloud environment and “engaged in unsafe or unsound practices that were part of a pattern of misconduct.”

Capital One 2019 Data Breach Fined Penalized

Capital One HQ

Capital One in its consent order to the government body has committed to fixing the problem. Capital One’s breach is one of the largest of its kind. The 2019 breach compromised about 140,000 Social Security numbers and 80,000 bank account numbers, says a news report.

A hacker obtained personal information, including names and addresses of about 100 million individuals in the United States and 6 million people in Canada. The suspected hacker was a former employee of Amazon Web Services, a cloud provider where the bank had moved some of its data.

“Safeguarding our customers’ information is essential to our role as a financial institution,” said a bank representative in a statement. “In the year since the incident, we have invested significant additional resources into further strengthening our cyber defenses, and have made substantial progress in addressing the requirements of these orders.”

The perpetrator of the crime has been identified as one Paige Thompson, working with Amazon. S/he has denied the charges.

Thompson is set to stand trial in February. She is transgender and her lawyers have requested that she be sequestered at a halfway house, keeping her mental health in mind. But the judge in the case denied the request saying she was a flight risk and danger to others.

No evidence has emerged that Thompson sought to benefit financially from the hack.

The Office of the Comptroller of Currency has also ordered the bank to overhaul its operations to ensure it is adequately guarding against general cybersecurity risks and risks specific to cloud operations. The OCC also wants the bank to submit those plans for review. The bank faces similar scrutiny from the Federal Reserve.

The data breach should alert other banks that are migrating data to cloud-based services.

Banks are now being lured by such outsourcing services, which offer a cost-effective way for storing huge databases that require a lot of upkeep in-house.

The problem is that safety is compromised. Banks across the globe have embraced cloud solutions offered by the likes of Amazon, Google, and Microsoft.

Some argue that the new system is more secure as the cloud servicing companies are huge software companies with sophisticated high-end security measures.

But as is evident by the current security breaches that happened at Twitter, Amazon, and the Waymo patent documents, sometimes in-house personnel compromise and give access to secrets.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

IBM Q4 Profit Up, Banks on Cloud and AI For 2021

IBM Q4 Profit Up, Banks on Cloud and AI For 2021

IBM’s revenue is expected to rise in 2021 and generate adjusted free cash flow of $11 billion to $12 billion for the year. ...
8 hours ago
‘World first’: Google threatens to disable search in Australia over proposed new law

‘World first’: Google threatens to disable search in Australia over proposed new law

Google has been at odds with the Australian Government since the latter proposed the ‘world first’ law to make tech companies pay publis...
10 hours ago
FCC rejects petition to stay Ligado Network’s 5G rollout

FCC rejects petition to stay Ligado Network’s 5G rollout

The Federal Communications Commission rejected by a vote of 3-2 on Tuesday to freeze the rollout of Ligado Networks’ nationwide mobile bro...
1 day ago
Oil prices rise on hopes of big stimulus money

Oil prices rise on hopes of big stimulus money

The crude oil prices showed an upswing with Brentwood going up to $56.08 a barrel and the US West Texas Intermediate crude oil selling at $5...
1 day ago
Kia bags Apple Car production deal

Kia bags Apple Car production deal

Apple Inc.’s much-coveted Apple Car could be produced by Kia Corp. at the latter’s manufacturing facility in the United States. The Sout...
1 day ago
Food Stocks to Lookout for in 2021

Food Stocks to Lookout for in 2021

The COVID-19 pandemic has seen a resurgence in recent weeks and talks of normalcy are still far away, even with the vaccinations. For invest...
2 days ago