Capital One Contradicts Itself In 35 Words After Announcing Millions Were Affected In Breach


Daily Caller News Foundation logo
Font Size:

Capitol One told its customers the company’s data breach did not compromise any social security or bank account numbers, except for tens of thousands of them, with about 100 million U.S. applicants affected in total.

“No bank account numbers or Social Security numbers were compromised, other than: About 140,000 Social Security numbers of our credit card customers [and] about 80,000 linked bank account numbers of our secured credit card customers,” an official statement from Capital One reads.

“Based on our analysis to date, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada,” the bank stated.

A software engineer is in custody for the suspected data hacking of at least 100 million Capital One credit card users and applicants, according to federal prosecutors Monday.

The 33-year-old Seattle woman, Paige Thompson, allegedly stole 140,000 social security numbers, 80,000 bank account numbers and compromised about 1 million Canadian social insurance numbers spanning from 2005 to 2019, The New York Times reported. She formerly worked for Amazon Web Services, her social media posts show.

She eventually hacked the data through a “misconfiguration” of a firewall on a web application, the FBI agent who investigated the hack said in court documents, according to the NYT. (RELATED: The FBI Doesn’t Want Users To Know Who Hacked Facebook)

She also allegedly ran a hacker group through the app Meetup, which allows users to create online groups that host in-person events for people with similar interests. The FBI tracked her activity on the app, which eventually led them to her Twitter and Slack accounts, where they say she bragged about the Capital One hack in a post.

The Bureau also discovered a GitHub post from an account that displayed her full name.

“I’ve basically strapped myself with a bomb vest, dropping capital ones dox and admitting it,” Thompson allegedly wrote using Slack, according to prosecutors.

Capital One said the breach will cost the bank up to $150 million. The bank also said in their statement it had “immediately fixed the configuration vulnerability.” (RELATED: Cyber Attacks Holding Baltimore Hostage, Threatening $10,000 A Day)

“I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right,” Capital One’s CEO Richard Fairbank said in a statement.

Capital One did not immediately respond to the Daily Caller News Foundation’s request for comment.

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact