Capital One announces data breach; about 100 million people affected

Officials with Capital One announced Monday the company has suffered a data breach involving about 100 million people in the United States.

In a statement, officials with the financial firm said the breach happened on March 22 and March 23, when a person managed to access customer information via a vulnerability. The vulnerability was reported to the company by a security researcher on July 17, and the breach was discovered on July 19.

Company officials say data collected when customers applied for credit cards were affected. The data was collected from 2005 to early 2019, and involved personal information of customers, in addition to credit scores, credit limits, balances, payment history, and contact information.

In addition, company officials reported that 140,000 Social Security numbers belonging to the company's credit card customers were stolen, along with 80,000 linked bank account numbers that belong to the company's secured credit card customers.

The data breach also affected Canadian customers, with 1 million Social Insurance Numbers compromised. Overall, about 6 million Canadian customers were affected.

A person believed to be responsible for the incident has been arrested by the FBI, according to officials. A report by the Seattle Times has identified the suspect as Paige A. Thompson, who has since appeared in a federal court in Seattle.

Capital One officials say they will offer free credit monitoring and identity protection for everyone affected.

Capital One Data Breach Information
U.S. customers -
English-speaking Canadian customers -
French-speaking Canadian customers -