Why would Capital One contact me? On July 19, 2019 Capital One revealed that the personal data and information of over 106 million users was stolen by a hacker able to get past their cyber security. Capital One stated on their FAQ page that, “This occurred on March 22 and 23, 2019.” and that they “believe it is unlikely” that any of the data stolen including social security numbers, addresses, names, were not distributed or used fraudulently yet.
Capital One’s Reaction: At this point most Capital One consumers have heard about the security breach, but through the media, not from Capital One themselves. They released a very calm press release about a massive data breach, contradicting themselves or trying to play things down stating things like “No bank account numbers or Social Security numbers were compromised, other than:
- About 140,000 Social Security numbers of our credit card customers
- About 80,000 linked bank account numbers of our secured credit card customers.”
Reason for concern: Capital One gives their users and potential affected customers no options of knowing if their data was compromised and what data was compromised. They are downplaying the severity of the breach to not alert customers, but by doing so are alienating their consumers by breaking their trust and privacy. Capital One is the third largest credit card issuer in the US and yet they say no data from over 100 million users has been used for fraud.
Our takeaway: Capital One’s management post massive data breach is ominous considering they have massively undersold the entire debacle with a vague tweet and a conflicting press release, but even more concerning is that they have not actually reached out to any customers of theirs who may have been affected. If you are a Capital One user, make sure to keep updated on any future stories or statements about this massive data breach.