Personal details of around 106 million individuals across the US and Canada were stolen in a targeted attack on the financial services firm Capital One. The suspected hacker, Paige Thompson, was arrested on Monday after reportedly bragging about the breach online.
Data that was stolen included names, addresses and phone numbers of people who had applied for one of the companies services. The hacker did not get any credit card account numbers.
Capital One is a large credit card issuer in the US and also operates retail banks. The hack was identified on July 19th and there is approximately 100 million people in the US affected plus 6 million in Canada.
Capital One’s Chairman Richard Fairbank said in a statement: “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened.
“I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right. “
The US justice department has now confirmed that they have arrested a former software engineer in connection with the data breach. Ms Thompson was arrested on Monday with charges of computer fraud and abuse. A hearing for the incident is expected on August 1st. Ms Thompson faces a five years in prison and a $250,000 fine.
A statement by the US attorney’s office in Washington said: “On July 17 2019, a GitHub user who saw the post alerted Capital One to the possibility it had suffered a data theft.”
