Over 100 Million People Affected by Capital One Data Breach Caused by an Insider Threat
Late last month, Capital One had a data breach that affected more than 100 million Americans and 6 million Canadians. This data leak mainly includes credit scores, credit limits, balances, payment history, and contact information. However, around 140,000 social security numbers and about 80,000 bank account numbers of Capital One credit card holders were stolen as well.
According to Capital One’s press release, they will be contacting those affected by this data breach and offering them free credit monitoring and identity protection as recompense.
The FBI have since arrested the individual that was responsible for this incident and Capital One continues to investigate the matter in order to discern the individual’s motives and actions following the data breach.
How it Happened
The official statement from Capital One outlines the cause of the data breach as being the result of an individual exploiting a configuration vulnerability within their infrastructure, which has since been fixed.
The alleged hacker who stole the data was once an employee at Amazon Web Services (AWS), which hosts the Capital One database that contained the information that was breached. This means that the data breach was the result of an insider threat that had devastating effects for Capital One and its customers.
The perpetrator allegedly used the web application’s firewall credentials in order to obtain privilege escalation, which is what granted her access to the data in question. From there, she used both Tor as well as a VPN in an attempt to remain anonymous and keep herself from being tracked down by Capital One’s Incidence Response team.
However, she was still caught and is now being charged with a single count of computer fraud, which comes with a $250,000 fine and up to five years in prison.
An Alarming Trend
Capital One certainly isn’t the first company that has had its data breached by an insider threat, and it definitely won’t be the last.
According to a recent study done by Cybersecurity Insiders, 90 percent of organizations say they feel vulnerable to insider attacks. This is for good reason as insider threats are on the rise, with the rate of incidents increasing year after year. In fact, more than half of the organizations that took part in the survey confirmed that they experienced insider attacks against their company.
As a result of this upward trend, 86 percent of organizations either already have an insider threat program or are working towards creating one. This means organizations are aware of the steadily growing threat of insider attacks and are taking the steps towards preventing them from happening.
Preventing Insider Threats
For those organizations that are looking to protect themselves from insider threats, there are a few things that they can do.
One of the first steps for any company trying to beef up their security against insider threats is to thoroughly screen new employees and contractors. Basic background checks can go a long way towards weeding out those who could potentially cause damage to the organization and its customers.
Another important procedure for organizations to implement is ensuring that all former employees have their accounts disabled as soon as they depart from the company. This ensures that they can’t log back into their old accounts and use them for nefarious purposes as well as prevents outside hackers from accessing said accounts as well.
Similarly, using temporary accounts for contractors can also help prevent insider threats from using old accounts.
In order to keep an eye on current employees and make sure they aren’t becoming insider threats, many organizations are turning to employee monitoring software, such as the one we provide here at SoftActivity. By using monitoring software, you can keep tabs on every staff member within your organization by tracking their behavior and activities. This comes in handy when preventing insider threats as you will have plenty of data on each employee and will have a better idea of when they start to act suspicious.
As an added bonus, user monitoring software can also send you alerts whenever a team member accesses something they’re not supposed to, giving you an early warning before they can cause any damage to your organization.
By SoftActivity Team