Capital One on Monday announced that a hacker was able to expose personal information including names and addresses of 106 million Capital One customers in the US and Canada. The hacker, a former Seattle technology company software engineer, made her first appearance at the US District Court in Seattle on Monday.
According to the complaint filed against her in the district court, she had posted information obtained from the hack on coding platform GitHub. The hack came to light when another GitHub user informed Capital One.
The Capital One data breach is expected to cost the financial firm an amount between $100 million and $150 million mostly because of customer notifications, credit monitoring, and legal charges.
The hacker obtained personal information including names and addresses but wasn’t able to access credit card numbers. However, Capitol One announced that 140,000 social security numbers and 80,000 bank account numbers were compromised. Also compromised were 1 million social insurance numbers of Canadian credit card customers.
Following the Capital One data breach, law enforcement officers were able to track down the hacker as her full name and digital address was included on the page she posted the hacked information.
The US attorney said they are unsure about what the hacker’s motive was. The hacker was able to get into Capital One’s system through a misconfigured web application firewall. One the wake of the data breach, Capital One’s share prices fell 4 percent.
The list of data breaches we are witnessing every day keeps on growing. Just recently, Facebook announced a $5 million settlement for its data breach and Equifax said last week that it would pay $700 million for the 2017 data breach.
Questions about what roles governments and regulatory bodies should play to prevent future breaches remain unanswered.