The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement that would resolve existing and future consumer claims arising out of the 2019 breach which impacted Capital One customer information stored in the Amazon Web Services (AWS) cloud environment. If the settlement is approved, it will be one of the largest in any multidistrict data breach litigation.
On July 29, 2019, Capital One announced that certain information related to current and prospective customers had been stolen by a hacker from the AWS cloud instance where Capital One stored its data. The breach impacted approximately 98 million U.S. residents who had an account or had previously applied for an account, with Capital One. The hacker stole approximately 140,000 social security numbers and 80,000 linked bank account numbers, as well as names, postal codes, birth dates, self-reported income, credit scores, credit limits, account balances, and payment history. A former AWS software engineer, Paige A. Thompson, was indicted on federal charges of wire fraud and computer fraud, and abuse in connection with the breach.
Under the terms of the settlement, Capital One would pay $190 million to compensate members of the settlement class for (among other things) out-of-pocket losses incurred in connection with the breach and for lost time spent dealing with issues related to the breach, as well as at least 3 years of identity theft prevention and resolution services. In addition, for at least two years, Capital One will implement and maintain significant changes to its business practices designed to improve its cybersecurity. In exchange, Capital One and AWS will be released from any further claims by the settlement class in connection with the breach. The proposed settlement is in addition to an $80 million penalty paid by Capital One in 2020 to settle claims by its regulators. The regulators alleged that Capital One engaged in unsafe or unsound practices in connection with moving its customer information to the AWS cloud.
While Capital One remains a strong advocate for the use of cloud storage and computing in the financial services industry (even advertising its move to the public cloud on its website), a majority of other banks and financial institutions have been somewhat more cautious about moving critical business applications and customer data to cloud environments. Capital One’s experiences, including the 2019 breach and the resulting settlements with regulators and consumers, will no doubt inform other financial institutions in their decisions to use cloud computing and storage in the future.
Source JDSupra https://www.jdsupra.com/legalnews/capital-one-reaches-190-million-5708035/
Scammers use recent data breach data to SIM Swap your number and become you. Once the scammer and hackers have control of your number it is a matter of minutes to hours before they wreak havoc on your entire life.
These scammers and hackers, now that they control your number, can gain access and steal all your bank accounts, crypto, social media, and other accounts. We take for granted how much mobile phones control our lives.
If you think your phone is safe, it’s probably not. Consider a 2020 study conducted by a team of computer scientists at Princeton University found ALL 5 major carriers AT&T, T-Mobile, TracFone, USMobile, and Verizon use insecure authentication methods.
Protect your Identity. If your Identity & Phone isn’t SAFE Secure do it NOW!
🎯 Nonprofit For Good Promotion – 1 Month FREE 🎯
Everything can be at risk from your photo’s on your phone, 401k, Investments, Crypto, even your bank account and social media accounts. All of your assets and identity are at risk and it is up to you, and only you, to protect yourself.