The bank said while no credit card account numbers or login details were compromised, the lone hacker got hold of credit scores, credit limits, balances, and payment history. Thompson got unauthorized access to Capital One’s data on March 22 and 23. She allegedly took advantage of a misconfigured firewall and stole the data. On April 21, she posted the data on her GitHub account, which also had her full name and resume. There’s no evidence as of yet if anyone downloaded the data. A court document suggests an anonymous source came across the GitHub account and informed the bank through its responsible disclosure program. The bank said it’ll notify affected customers soon: It added that the incident will cost them $100 million to $150 million in 2019. Even if you’re not affected by the breach, you should consider enabling two-factor authentication for your transactions to be on the safer side.
