top of page

Hacking into Capital One, US 10th largest bank - a follow through from the Equifax hack in 2017?

Approximately 100 million people in the United States and 6 million more in Canada who are customers of Capital One have been affected by a data breach that the bank says happened in March 2019 when a software engineer allegedly exploited a vulnerability to access its systems. Capital One Financial Corporation is a bank holding company specializing in credit cards, auto loans, banking and savings accounts headquartered in McLean, Virginia and is ranked 10th on the list of the largest banks in the United States by assets.

Security experts said freezing your credit is a top most priority to prevent the hackers from creating fake accounts in your name. And the request to freeze can be done online or over the phone with 3 credit reporting bureaus, amongst which is Equifax.

Equifax itself experienced a data breach in September of 2017, where the personal information of approximately 147 million people were impacted. Equifax reached an agreement with the US Federal Trade Commission for Equifax to pay at least $575 million and up to $700 million to compensate those whose personal data was exposed with the breach of the Equifax servers. 

Customers of Equifax whose personal data was exposed in the data breach, can now file a claim to get back money spent or lost in the breach. For those who have spent to protect themselves from identity theft and on credit monitoring following the data breach, they can file a claim for $125 to cover that out of pocket expense.  Additionally, the customers can file a claim to be compensated for the costs of recovering from the security breach - including any costs associated with the theft of their identity and freezing and unfreezing of their account - and compensation of unauthorized charges to their banking accounts for up to US$20,000 per person.

Was the breach at Capital One solely the result of a software engineer allegedly exploited a vulnerability to access its systems or it is a follow through by the hackers who hacked and obtained the data of the customers of Equifax in 2017? It would be interesting to know.


bottom of page