Published on August 1st, 2019 📆 | 4430 Views ⚑
0Capital One Data Breach Leaves Millions Vulnerable | Chicago News
Another day, another data breach.
Just one week after credit reporting giant Equifax agreed to pay up to $700 million to settle a lawsuit over a 2017 data breach that left some 147 million people exposed, another major financial player has admitted that it was hacked.
Capital One Financial, one of the largest issuers of credit cards in the United States and the nationâs seventh-largest commercial bank, announced late Monday that a hacker had obtained the personal information of about 106 million of its credit card users.
âItâs another huge data breach,â said Thomas Johnson, vice president of public and board relations at the Better Business Bureau, which has been working to educate its members about cybersecurity threats.
Johnson said that while companies have âimproved greatlyâ in their efforts to recognize and deal with cyberattacks they still need to do far more.
âThe threat is constantly evolving,â said Johnson. âItâs something that companies have to take seriously. ⌠This is just kind of the new norm now for companies that they really have to be on top of this because companies are hacked all the time.â
Although major data breaches at large corporations attract the most headlines, Johnson said that hackers often deliberately target smaller companies that might not prioritize cybersecurity because of financial constraints.
âYou hear about the big, big companies and the cybersecurity attacks that hit them but a lot of times its small businesses that are being hit,â said Johnson. âSmall businesses are just hit over and over. They literally have all of their information frozen and boxed off and they canât get to their data ⌠they will be asked to pay a ransom that can be from several hundred to several thousand dollars. And if they donât pay it they donât get their data back, so most people just pay the ransom. Itâs really a big problem for business today.â
Johnson also notes that small businesses without adequate data protection can also create vulnerability for larger companies.
âA lot of the attacks that weâve seen in cities and big companies has actually been through one of their vendors who has weak cybersecurity,â said Johnson.
And staff untrained in recognizing cyber threats are also a target for hackers.
âA lot of these cybersecurity breaches start with simple phishing emails,â said Johnson. âUnless the entire staff of a company has training to watch out for these fake emails itâs very easy to get tricked.â
As a consumer, if you believe your data may have been compromised, Johnson said that one of the best ways to protect yourself is to contact the big three credit reporting bureaus â Equifax, Experian and TransUnion â and ask them to freeze your credit.
âIf you freeze your credit report nobody can get in there and steal your information,â said Johnson. âYou can do it for any amount of time that you want. If you want to protect your information thatâs a great way to do it.â
And of course, routinely checking credit card and bank transactions for any suspicious activity is now a must, as is getting a copy of your credit report. One indicator that you may have been hacked is if you see a number of very small charges.
âYouâll see a couple of transactions for 5 or 10 cents, that kind of thing, and once (hackers) have made sure that they have access to your bank account or credit card and its working then the charges will come flying in. And all of that will show up on a credit report,â he said.
If you are thinking of asking for a credit report or credit freeze here are customer service contact numbers for the three main credit bureaus:
â˘Â Equifax: 866-349-5191
â˘Â TransUnion: 800-916-8800
â˘Â Experian: 888-397-3742
Blase Ur is an assistant professor of computer science at the University of Chicago. Below, his tips for protecting yourself against data breaches.
1. Use different passwords everywhere. âIf for one data breach your password is revealed, then youâll be accessible [to hackers] on all these different sites,â Ur said.
2. To better manage your different passwords, use password manager software. âYou might think I have a really strong and hard-to-guess password that Iâll use everywhere, but if any company suffers from a data breach ⌠youâre basically toast,â he said.
3. Enable two-factor authentication. âThis is the case where you type in your username and password, and then you have to enter a code that comes up on your phone, for instance,â Ur said.
4. Be careful of phishing emails. âSometimes theyâre laughable, like some foreign prince wants to give you money and then you have to pay some processing fees to get this money. But now that all this personal information is being revealed from data breaches, weâve seen more targeted phishing emails,â Ur says. âI think a big worry is this will become way more targeted in the future. If you get an email about your last vacation, it might just be a scammer.â
5. Think about what kind of information you are sharing with companies. âWhen youâre sharing information with companies, think about whether they actually need it,â Ur said. âWe live in an age where itâs very natural to give companies information to get services, but just be wary. You have to be a little bit rebellious and say, âNo, I donât want to give this information.ââ
Note: This story will be updated with video.
Nicole Cardos contributed.
Related stories:
Capital One Target of Massive Data Breach
FaceApp Raises Broader Privacy Concerns. Hereâs What You Need to Know.
Illinois Voter Data Hack Part of Mueller Report
Equifax Data Breach: How to Protect Your Credit, Bank Accounts
Gloss