Capital One announced on Monday that they were hit by a massive data breach involving over 100 million customers. The breach compromised personal information including credit scores, social security numbers, and credit card transactions.
A 33-year-old woman in Seattle has been arrested in connection with the crime. Former software engineer Paige A. Thompson is facing a litany of charges, including computer fraud.
Capital One apologized for the breach and – in a statement released Tuesday – New York Attorney General Letitia James announced that investigations into the breach would begin immediately.
Here’s everything you need to know about the breach, including what happened, when it happened, and what you can do to protect yourself.
When Did the Breach Happen?
Capital One stated that the breach was first discovered on July 19th. An individual – presumably Thompson – gained access to a cloud-based server and used it to obtain personal information about Capital One credit card customers and other people who applied for products from the bank.
The FBI said that the actual data theft occurred between March 12 and July 17, according to court records.
How Many People Are Affected?
Capital One says the breach affected approximately 100 million people in the United States and a further 6 million Canadians.
What Information was Compromised?
The information affected by the breach include credit limits, credit scores, payment history, contact information, and balances were compromised in the breach. They also say that pieces of transaction data from “23 days during 2016, 2017, and 2018” were also vulnerable.
The bank was quick to clarify that no log-in information or credit card numbers were stolen, but around 140,000 Social Security numbers of their credit card customers were vulnerable, along with 80,000 linked bank account numbers of credit card customers.
Capital One said they would reach out to affected customers using their own means.
How To Protect Yourself
Capital One said those affected by the breach can expect to receive free identity protection and credit monitoring. Customers are also eligible to freeze their credit. This is something you would need to do with all three credit bureaus though; including Experian, Equifax, and TransUnion.
Freezing your credit prevents lenders from accessing your credit report, which would in turn prevent criminals from opening credit accounts. Just keep in mind that you need to unfreeze your score later on if you wish to open any new credit accounts yourself.
Look through credit card statements for unauthorized and fraudulent transactions. Also change any passwords associated with those accounts, as well as the passwords on accounts that use the same passwords.