Capital One Financial Corp, the nation's seventh-largest commercial bank based in McLean, Virginia, said on Monday that personal information including names and addresses of about 100 million individuals in the United States and 6 million people in Canada were obtained by a hacker.
The suspect, a 33-year-old former Seattle technology company software engineer identified as Paige Thompson, has been arrested. Thompson was active in the hacking community on Twitter. The hacker got information including credit scores and balances plus the Social Security numbers. Thompson posted information from her hack, which occurred between March 12 and July 17, on coding platform GitHub which is owned by Microsoft.. The page she posted on contained her full name as part of its digital address. it was not immediately clear what the suspect’s motive was. Capital One said it believes it is unlikely that the information was used for fraud, but it will continue to investigate.
The incident is expected to cost between US$100 million and US$150 million in 2019 because of customer notifications, credit monitoring and legal support, Capital One said. "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right," Capital One CEO Richard D. Fairbank said. The scale of the breach ranks it as possibly one of the largest-ever impacting a U.S. bank. Capital One has been one of the most vocal advocates for using cloud services among banks.