US bank Capital One notified additional customers that their Social Security numbers were exposed in a data breach announced in July 2019. The day the breach was disclosed, the Department of Justice arrested and indicted the suspected hacker, former Amazon Web Services employee Paige Thompson, who posted about stealing data on GitHub after infiltrating Capital One's AWS cloud servers.
The former roommate of a woman accused of hacking Capital One banking company and at least 30 other organizations has been sentenced to four years in prison for illegally possessing firearms, according to federal prosecutors. Park Quan, 67, was sentenced Wednesday in U.S. District Court in Seattle after pleading guilty to being a felon in possession of guns, according to U.S. Attorney Brian Moran.
The U.S. Treasury Department has fined Capital One $80 million for careless network security practices that enabled a hack that accessed the personal information of 106 million of the bank's credit card holders. The Comptroller of the Currency said in a consent order Thursday that Capital One failed in 2105 to establish effective risk management when it migrated information technology operations to a cloud-based service.
A United States regulator has fined the credit card provider Capital One Financial Corp with $80 million over last year's data breach that exposed the personal information of more than 100 million credit card applicants of Americans. According to a press release published by the OCC on Thursday, Capital One failed to establish appropriate risk management before migrating its IT operations to a public cloud-based service, which included appropriate design and implementation of certain network security controls, adequate data loss prevention controls, and effective dispositioning of alerts.
Capital One must pay a trivial $80m fine for its shoddy public cloud security - yes, the US banking giant that was hacked last year by a miscreant who stole personal information on 106 million credit-card applicants in America and Canada. "The OCC took these actions based on the bank's failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner," the watchdog said in a statement on Thursday.
An Android mobile malware has been uncovered that steals payment data from users of popular financial apps like PayPal, Barclays, CapitalOne and more. EventBot is not currently on the Google Play app marketplace, but researchers said the malware is nonetheless masquerading as legitimate applications.
Even the most forward-looking organizations with the top security experts face risk when transitioning to the cloud. The case study will also explain how a Network Detection and Response Layer could have provided the missing visibility and detection needed to respond to such an incident.
Bank Reportedly Will Look Outside the Company for Security LeadershipNearly four months after Capital One revealed a massive data breach, Michael Johnson, the bank's CISO, is being moved into an...