Capital One Suffers Massive Data Breach
July 30, 2019, Seattle, WA - On July 17, 2019 Capital One learned from a email submitted tip that some of their data was leaked and stored on an publicly accessible website used by developers, GitHub, under the account of a user named "Netcrave". It also included the resume of someone named #Paige A Thompson.
On July 29, 2019 Federal prosecutors charged a Seattle, WA women Named #Paige A Thompson for allegedly downloading and stealing data from more than 100 million credit card applications from Capital One.
The complaint alleges that #Paige downloaded approximately 30 gb of data from a "rented cloud storage" provider. The data included roughly 140000 social security numbers and 80000 bank account numbers of American applicants. It also included over 1 million Social Insurance Numbers from of Canadian applicants.
“Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised,”
“The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019,” the statement continues. “This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.”
Not mentioned in the complaint was the name of the "cloud storage provider" but did state #Paige worked for the provider in 2015-2016 as a systems engineer. A look at her resume showed she last worked for #Amazon.
Check out the full complaint filed by the Justice Department here