A data breach at Capital One Financial compromised the personal information of more than 100M U.S. and Canadian customers and credit cardÂ applicants, the Wall Street Journal reported Wednesday.
According to a federal criminal complaint, the breach involved a former Amazon Web Services employee who used a misconfigured firewall to break into the bankâ€™s systems and access the customersâ€™ sensitive data.
Among the compromised personal data were names, dates of birth, addresses, credit scores, payment history, Social Security numbers and bank account numbers. Approximately 80K account numbers and 140K Social Security numbers were exposed in the hacking incident.
Capital One said it expects to incur $100M to $150M in costs to remediate the breach.
â€œInsider threats are big concerns for companies and when you combine them with the talent of an engineer like this, itâ€™s really concerning,â€ said Mark Testoni, CEO of SAP National Security Services and a 2019 Wash100 winner. â€œThat is tough to prepare for because theyâ€™re more sophisticated than other insiders may be.â€