SACRAMENTO (CBS13) – A data breach at credit card company Capital One earlier in July exposed the personal information of at least 100 million customers and those who had applied for the company’s credit cards in the U.S.
On Monday, the company revealed a July 19 incident in which an “outside individual” accessed certain types of card credit card application information, including people’s names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and reported income of those who applied for their cards, the company said in a statement.
The individual also obtained portions of credit card customer data, including:
- Credit scores, credit limits, balances, payment history, and contact information
- Parts of transaction data from 23 days during 2016, 2017 and 2018
- About 140,000 Social Security numbers of our credit card customers
- About 80,000 linked bank account numbers of our secured credit card customers
The FBI has reportedly arrested the person responsible for the breach and that person is still in custody.
The company says that, based on their analysis, it is unlikely the information taken was used for fraud or disseminated by the individual, the company says.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Capital One Chairman and CEO Richard D. Fairbank. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
Capital One says immediately after the breach, it fixed the configuration vulnerability the individual exploited.
The breach also affected 6 million customers in Canada.
Capital One says it will notify affected individuals and offer them free credit monitoring and identity protection.