- Capital One said on Monday that information from over 100 million people, including Social Security and bank-account numbers, had been compromised.
- Capital One said that while it is still investigating, “it is unlikely that the information was used for fraud or disseminated by” the hacker.
- If you’re a Capital One customer, you’re likely wondering what to do. Here’s what the company suggests.
- Visit Business Insider’s homepage for more stories.
Capital One revealed a major data breach on Monday.
It said the breach included the personal information of over 100 million people, ranging from Social Security numbers to bank-account numbers and names.
If you applied for a Capital One credit card from 2005 through early 2019, there’s a good chance you’re affected.
But how to find out for sure? Here’s what we’ve got so far.
First and foremost, here’s a comprehensive list of what Capital One says was lost in the data breach:
Capital One said the breach “affected approximately 100 million individuals in the United States and approximately 6 million in Canada.”
It said the primary information involved in the hack was from “consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019.”
More plainly, that means if you applied for a Capital One credit card at any point in the 14 years from 2005 to 2019, you were probably affected.
What information was taken in those instances? “Names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income,” Capital One said.
And that’s not all: Capital One said that “about 140,000 Social Security numbers” from credit-card customers were taken, as well as “about 80,000 linked bank account numbers” from secured credit-card customers and “approximately 1 million Social Insurance Numbers” from Canadian credit-card customers.
It is, in short, a huge mess.
So how to know if you’re affected? There are a few things you can do. 1. Wait patiently for Capital One to tell you whether you’re affected.
In announcing the data breach on Monday, Capital One said it would “notify affected individuals through a variety of channels.”
Moreover, the company is offering “free credit monitoring and identity protection available to everyone affected.”
It is unclear whether any of the 100 million-plus people affected have been notified – as of Tuesday, none of the Capital One customers in our newsroom who we talked to had received any correspondence. Representatives for the company didn’t respond to repeated requests for comment.
2. Freeze your credit!
In the worst-case scenario in a data breach like this, your Social Security number and personal information could be used for identity theft.
In a slightly less awful possibility, your credit card could be used to buy things.
And in an even less awful possibility, you may see an increase in “phishing” attempts via email and/or phone – essentially, more spam emails and robocalls.
There is, at the very least, one solid option for protecting against the worst scenario: a credit freeze.
3. Stay vigilant! Monitor your credit-card bill and report any potentially fraudulent activity to Capital One.
At the bare minimum, there’s one very easy security protection you can take: Pay attention to your credit-card bill and bank statements.
If you see something that looks out of place, call your credit-card company or bank.
Notably, Capital One said that “no credit card account numbers or log-in credentials were compromised” in the breach and that “over 99 per cent of Social Security numbers were not compromised.”
So it’s unlikely you’ll suddenly encounter fraudulent transactions on your credit card or in your bank account – but it sure doesn’t hurt to pay slightly closer attention.
4. Consider a service to protect against identify theft.
If it’s freaking you out, that’s totally understandable. Perhaps it’s time to consider enrolling in a service to protect yourself from identity theft.
Both Equifax and Capital One are offering free identity-theft protection to the hundreds of millions of people affected in their breaches, but you may want to shop around and decide which of the many services is right for you.
Business Insider Emails & Alerts
Site highlights each day to your inbox.