Capital One Financial Corp. said data from about 100 million people in the U.S. was illegally accessed after prosecutors accused a Seattle woman of breaking into the bank’s server at a cloud-computing company.
The woman, Paige A. Thompson, was arrested Monday and appeared in federal court in Seattle. The data theft occurred some time between March 12 and July 17, federal prosecutors in Seattle said. The cloud-computing company, on whose servers Capital One rented space, wasn’t identified in court papers.
“I am deeply sorry for what has happened,” said Richard D. Fairbank, Capital One’s chief executive officer, in a statement. “I sincerely apologize for the understandable worry this incident must be causing those affected.”
About 6 million individuals in Canada were also impacted by the breach, Capital One said.
The largest category of data stolen was supplied by consumers and small businesses when they applied for credit cards from 2005 through early 2019, the bank said. It included personal identification data, including names, addresses, phone numbers and dates of birth, and financial data including self-reported income, credit scores and fragments of transaction history.
About 140,000 Social Security numbers were accessed, as well as 80,000 bank account numbers from credit-card customers, the bank said.
In court on Monday, Thompson broke down and laid her head down on the defense table during the hearing. She is charged with a single count of computer fraud and faces a maximum penalty of five years in prison and a $250,000 fine. Her lawyer declined to comment.
U.S. Magistrate Judge Mary Alice Theiler ordered Thompson to be held. A bail hearing is set for Aug 1.
Capital One, which is based in McLean, Virginia, has been one of the most vocal advocates for using cloud services among banks. The lender has said it is migrating an increasing percentage of its applications and data to the cloud and plans to completely exit its data centers by the end of 2020 — a move the company says will help lower costs.
The case is U.S. v. Thompson, 19-mj-344, U.S. District Court, Western District of Washington (Seattle).
–With assistance from Jenny Surane and William Turton.
Was this article valuable?
Here are more articles you may enjoy.
How Three New CMS Policies Impact Workers’ Comp Claims 
Supreme Court Questions $1 Billion Music Piracy Suit Against Cox 
Psychological Injuries in Workers’ Comp: A Patchwork of State Approaches 
Wells Fargo Whistleblower on Sham Interviews Wins Right to Sue 
Want to stay up to date?
Get the latest insurance news
sent straight to your inbox.