What the 2019 Capital One Breach Means for your AWS Firewall

Posted on 08.21.2019
Written by Mary Sullivan

Capital One Breach 2019: Here’s the summary:

On July 17, 2019, Capital One Financial Corp. was notified that an online hacker was soliciting the circulation of various sets of sensitive data mined from its internal servers. The data stems from a system breach on March 22 and 23, 2019, which was quickly identified and neutralized. Within the limited amount of time the system was accessed, hacker Paige A. Thompson was able to gather sensitive information impacting millions of US and Canadian citizens.

Over 140,000 Social Security numbers, 80,000 bank account numbers, and 1 million Canadian Social Insurance numbers were jeopardized.

Capital One was alerted, nearly 4 months after its data had been accessed, that sensitive information from various credit card applications was being advertised within private chat pages on social media. Thompson, under the alias “Netcave”, spoke openly on a public chat page within the software development site GitHub. She then created a private messaging channel under similar nomenclature within the messaging platform Slack. On this channel, Thompson posted various databases that she was able to hack into, naming various other organizations that could have been impacted, including Ford Motor Co, Michigan State University, and the largest bank in Italy, UniCredit. Thompson, a Seattle resident, also posted her resume to the GitHub channel, identifying her time as an engineer at Amazon Web Services, on which the Capital One servers were deployed. She gained access to over 30 GB of Capital One data from credit card applications submitted by consumers and small businesses from 2005 until early 2019. Thompson went into detail on her Twitter page, under the name “erratic”, boasting about how easily she gained access.

The Twitter account associated with Thompson shared insight into her methodology.

As an Amazon Web Services client, how can you feel confident in your data security?

Thompson was able to gain access through a “flimsy” firewall protecting Capital One’s cloud deployment on Amazon.com’s AWS software. Though Thompson possesses familiarity with Amazon Web Services, having previously worked as a software engineer, the fault lies with Capital One’s weakened security. At the forefront of cloud deployment, Capital One sought to lead the charge with cloud-based software in the banking industry. The company rapidly deployed cloud-based software across all avenues, in hopes of revolutionizing the way industry leaders store information. In an initiative announced in 2015, Capital One rapidly integrated AWS software in hopes of consolidating data centers while emphasizing agile development.

Capital One’s major push toward innovative technology ultimately led to detrimental ends.

After announcing the forward-focused initiative almost 5 years ago, Capital One faced major setbacks. Effectively having to rewrite all applications for a modern architecture proved to be much more time-consuming in reality. With progress halting on bold claims, Capital One instituted half-hearted security measures that proved to be far more detrimental than the progress made toward the cloud. Focusing on successfully deploying all cloud-based applications led to serious oversights, and the resulting weak security standards have today put millions of people at risk.

How will you learn from the Capital One breach mistake?

Here is what we can learn from the Capital One breach. Hackers like Thompson are numerous in today’s technological economy. Your data is incredibly valuable and could be at risk of exposure. How can you protect your cloud-based computing? Oxalis understands the implications, both positive and potentially negative, of deploying to the cloud. Here are some of our best practices to deter hackers and limit access to your sensitive information.

  • Passwords: make sure passwords are changed on a regular basis, and encourage the use of “strong” passwords or phrases.
  • Two-factor authentication: this is incredibly important for putting roadblocks in the access pathway for hackers. Instituting these methods whenever possible will help you gain valuable time to neutralize a threat once it is identified. Utilizing mobile codes as a method of authentication will help to limit the capabilities of bots or spoofed accounts.
  • Monitor your activity: Capital One is beginning to contact the affected accounts, but do not wait until it is too late. Monitor your accounts for suspicious activity to help limit the access and reach of the hacker within internal domains.

Are you confident in your AWS security protocols?

After large corporations like Equifax and Capital One have been made incredibly vulnerable, how can you be entirely confident in your data security? Hackers have become incredibly sophisticated, transforming cyber attacks into cyber-warfare. Make sure you are utilizing the best resources at your disposal to maintain confidence in the protection of your sensitive data. Oxalis is here to help you understand the benefits and implications of scaling on the cloud, limiting your blind spots and vulnerabilities. We offer a range of AWS consulting services, including data security.
