As you’ve probably heard by now, this week Capital One became the latest company to experience a massive breach of consumer information. According to the company, the breach includes the compromised data of over 100 million individuals. Those effected includes both Capital One customers and those who submitted a credit card application within the past 14 years. Most notably, the information stolen includes about 140,000 Social Security number and 80,000 bank account numbers. However, information such as names, addresses, reported income, and credit scores were also compromised in the attack.
One of the most interesting aspects of the breach is that the hacker reportedly responsible for breach, once worked for Amazon Web Services, which hosts the Capital One database that was compromised. Paige Thompson, the woman allegedly responsible for the attack, gained access to the database by making use of credentials for the web application’s firewall. This makes the attack just the latest in a long list of breaches involving insider threats via a third-party. It is also the latest in a long line of breaches where the access was gained through a web application.
Too Early for Key Takeaways Except for One Big Takeaway
A lot remains unknown about the role Ms. Paige was playing, how she moved through the AWS space (Capital One was not the only company she gained access to) and what her motives were. However, it does show that Capital One’s Incidence Response team was prepared to move quickly once the incident was made known. In some cases, being very good at dealing with a crisis is perhaps your strongest (and maybe only) defense.
Also published on Medium.