U.S. Treasury Department fines Capital One $80 million for ‘careless’ data breach


Capital One has been fined $80 million following one of the biggest data breaches at a bank on record.

© Wikipedia

The U.S. Treasury Department has imposed an $80 million fine on Capital One for its ‘careless network security practices’ which led to the hacking of personal information affecting more than 106 million credit card users.

Capital One credit card holders had their personal information accessed and in a consent order on Thursday, it was established that the company had failed to implement ‘effective risk management’ after it migrated operations to a cloud-based service back in 2015.

According to the bank’s own internal investigation, there had been a number of “weaknesses” that had led to the breach within the company, which also included misconduct by management.

Following a number of prominent data breaches over the past several months, U.S. regulators are coming down hard on businesses that fail to protect consumer data whether its personal information such as phone numbers, addresses or social security numbers.

Internationally, other countries have also started to re-evaluate their data laws with tightening restrictions on companies that fail to adequately protect data, even when migrating systems to newer, cloud-based alternatives.

Data security manufacturer Verity Systems, which provides hard drive degaussing equipment to global businesses, told the International Business Times this week that it was vital for “global businesses to protect consumer information by safely destroying data from mechanical hard disks as well as SSDs.”

In 2019, Capital One suffered a data breach that resulted in 140,000 social security numbers being leaked along with 80,000 bank account numbers compromised, considered one of the largest in the banking sector.

And earlier this year, hotel giant Marriott confirmed that it had suffered a second data breach following a previous hack exposing the records of 383 million guests prompting European regulators to impose $123 million in fines on the company.

With businesses moving toward cloud infrastructure, vulnerabilities remain, and in a recent study by IBM, the cost of data breaches have risen in the past year, averaging $8.64 million per breach in the U.S. alone.

The latest breaking news from the Digital Weekday editorial team.

Next Post

Women Financial Power launch new retirement and insurance solutions ahead of Medicare season

Women Financial Power, one of Tennessee’s leading small businesses providing retirement and insurance services, have announced the launch of their latest solutions aimed at supporting individuals as well as business owners with insurance and retirement planning.