In the latest of big data beaches, bank holding company, Capital One Financial Corporation, released a statement discussing a breach in their database. The breach has allowed an unauthorized individual to gain access to sensitive information of millions of their customers.
Capital One stocks went down by 5.73 percent in response to the incident on Tuesday. Such data breach has raised questions over the security of consumers’ data and that of the issuers.
The breach has reportedly affected more than 100 million individuals across the US and 6 million in Canada, according to Capital One’s statement. The LA Times reported on Wednesday that even those whose applications has been rejected are still vulnerable to the breach.
However, Capital One said in a statement posted on its site “importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.”
The hacker, Paige Thompson, 33, is said a former employee of Amazon Web Services Inc, reported the American press. The engineer, was able to manipulate a vulnerability in server on Amazon’s cloud service where the data was stored. Amazon, however, said that they found no evidence that their services has been compromised.
In an interview with Northeastern News website, William Robertson, an associate professor at Northeastern, said that the incident is a “clear failure to either encrypt personally identifiable information, or to protect the encryption keys used to protect that data, which is a common failure mode for cloud-hosting provider storage encryption schemes.”
In his interview Robertson re-iterated what various security entities has been explaining that “there is insufficient internal incentive to use the security technology we have.” In a recent story, published on Communicate, “only 25 percent of the business leaders across Europe, Middle East and Africa are confident in their current cyber security.” Despite the numbers, the firm explained that the issue lies internally as there is a lack of security cultures within organizations.
“The Capital One incident is the latest in a string of high-profile, high-impact data breaches. The hacker in this case, unlawfully gained access to users’ information by exploiting a misconfigured web application firewall – something that could have been prevented,” said Salam Yamout, the Internet Society’s Middle East regional director in a statement to the press.
Even though Capital One, learnt about the hack through a tip on 17th of July, the release notifying the incident was made on July 29 to pursue the hacker. The Capital One data breach has been identified to be amongst the biggest breaches, according to statistics provided by BBC reports.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO in the statement published on the website. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
While in this case, the hacker was being identified immediately, the incident highlights the major issues tech companies are facing, including but not limited to their vulnerable servers. “Companies holding personal and sensitive data need to be extra vigilant. Use strong passwords and multi-factor authentication, keep software updated, be careful with email, encrypt/hash and back up your data where ransomware can’t get to it,” added Yamout in the statement.
In their statement, Capital One said that there has none of the breached information was used for fraudulent purpose but ensured they would notify those affected and provide free credit monitoring and identity protection. The bank has said that they will be continually investigating the incident.
App analytics and market data company, App Annie, have released a new report that sheds light on Gen Z’s mobile behavior, in order to help marketers develop effective strategies to reach them. 98% of Gen Z report owning a smartphone, on average receiving their first at the age of 10. They are also part of […]
Experticity, the world’s largest community of influential category experts have released a new study that sheds new light on the importance of micro-influencers on the average consumer. The study was conducted with online interviews of more than 6,000 individuals from the United States drawn from Experticity’s micro-influencer network and the general population. In addition, more […]
Market research companies eMarketer and Global Web Index have collaborated together to release the 10th edition of the global media intelligence report. The report is a detailed compilation of data and insights about internet users’ traditional and digital media usage in 42 key markets worldwide. Communicate will be highlighting the key trends that are shaping the […]
Social Bakers, a global AI-powered social media marketing company has released the Q3 edition of their social media trends report. The report reveals where the industry is currently standing with regard to spending and engagement globally. Here are the key findings – ADVERTISING Worldwide ad spend increased by 56.4% in Q3 compared to where it […]