Capital One Details
Capital One
McLean, Virginia • 51987 employees • Financial services
Industry
Financial services
Security Incidents
1
Capital One Financial Corporation is an American bank holding company specializing in credit cards, auto loans, banking, and savings accounts, headquartered in Tysons, Virginia with operations primarily in the United States.
Security Incidents
Capital One Breach of May 2019
Show more
Severity Score
Low
Type
Data BreachSummary
In May 2019, Capital One experienced a significant data breach orchestrated by a former Amazon Web Services (AWS) employee, Paige Thompson. The breach, which was discovered in July 2019, resulted in the unauthorized access of personal information of over 100 million individuals in the United States and 6 million in Canada. The compromised data included names, addresses, phone numbers, email addresses, dates of birth, and self-reported income, as well as 140,000 Social Security numbers and 80,000 linked bank account numbers. Thompson exploited a misconfigured web application firewall to gain ac...Show more
Severity
The Capital One data breach of May 2019 was severe as a hacker gained access to more than 100 million Capital One customers' accounts and credit card applications, making it one of the biggest data breaches ever. The breach involved the exploitation of a well-known method called a 'Server Side Request Forgery' (SSRF) attack, indicating a significant security vulnerability in Capital One's systems.Impact
The breach impacted over 100 million Capital One customers, exposing their personal data and credit card applications. Approximately 4,700 U.S. credit card customers or applicants had their Social Security Numbers accessed by the unauthorized individual, leading to concerns about identity theft and financial fraud.KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos