Capital One, the 10th largest bank in the United States, has announced a security breach that resulted in the personal information of 100 million Americans and 6 million Canadians being stolen, including names, addresses, Zip Codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income—basically anything someone would put on a credit card application form. Plus, in an unfortunate turn of phrase, Capital One also says:
No bank account numbers or Social Security numbers were compromised, other than:
- About 140,000 Social Security numbers of our credit card customers
- About 80,000 linked bank account numbers of our secured credit card customers
For our Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised in this incident.
Portions of customer credit card data were also stolen, including credit scores, credit limits, balances, payment history, and contact information. However, no credit card numbers or log-in credentials were stolen, so there’s no need to change your passwords or cancel your cards.
The good—if unusual—news is that the FBI has arrested the perpetrator, Paige “erratic” Thompson of Seattle. Capital One doesn’t believe the information was distributed and said it has not only fixed the vulnerability that led to the breach but that it will supply free credit monitoring and identity protection to those affected.