Capital One Financial Corp. announced Monday that personal and financial information belonging to about 106 million of its customers in the United States and Canada has been compromised. The U.S. Department of Justice is calling it one of the biggest data breaches ever.
A 33-year-old software engineer living in Seattle who previously worked for Amazon Web Services, a cloud-hosting provider for Capital One, faces federal charges in connection with the break-in of a Capital One server in March. Capital One reports that the data accessed include:
- 140,000 Social Security numbers;
- 1 million Canadian Social Insurance numbers;
- 80,000 bank account numbers;
- an undisclosed number of people’s names, birthdates, addresses, contact information, credit scores and limits, transaction history, account balances and self-reported income.
What you can do if you suspect you’ve been affected by the Capital One breach
Don’t panic. But do brace yourself to spend time to ensure your accounts are in order. Capital One stated it would notify customers affected by the breach and make free identity protection and credit monitoring services available to them. Capital One’s online Support Center also is found here.
Review your credit card statements carefully. Check your statement online, and immediately notify your bank of suspicious charges — and try to get into the habit of reviewing all of your statements regularly.
Freeze your credit. Contact the three major credit-monitoring services — Equifax, Experian and TransUnion — to put a freeze on your credit, which will prevent access to your credit reports without your permission. This process is free and will not affect your credit. However, it will prevent access to your credit history and prohibit new accounts from being opened in your name. Just be forewarned: You can unfreeze your credit for your own applications, but there will be a delay — so if you’re trying to buy a home, car, or apply for a loan or credit card, you’ll need to account for this.
Set up a fraud alert on your credit. If you don’t want to freeze your credit, the three major credit-monitoring services will let you set up an alert — typically by text or email — instead. This will help ensure potential creditors verify the identity of anyone trying to open up new lines of credit in your name.
Reset passwords. Change any potentially affected passwords immediately. Changing online passwords regularly, not using the same password on multiple sites, and choosing security options such as Multi-Factor Authentication will help prevent unauthorized access to your data. Check out our post about how and why to choose a strong password.
Be vigilant. Avoid entering credit card and personal information into websites that are not secure. One rule of thumb for determining a secure site, according to Norton by Symantec: “Reputable sites begin with the https://. The ’s’ is key.” Don’t give personal details over the phone or via email — and especially not to unsolicited people, even if they claim to represent a bank, such as Capital One, and appear to have a Capital One email address. Instead, call the number on your credit card, and ask to speak with an appropriate contact.
Disclaimer: The information provided is intended to increase security awareness. Cardan Capital Partners does not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The opinions and statements contained in such resources are those of the vendors and do not necessarily represent the opinions of Cardan.