LISTEN LIVE

Capital One Hack Sparks Discussion of Cyber Hygiene

Aug 6, 2019

More than 100 million Capital One customers recently had some of their information compromised by a hacker.

Now, an assistant professor at the University of South Florida Muma College of Business is giving some advice on how to avoid falling victim to future data breaches.

Paige Thompson, 33, was taken into custody by the FBI July 29 on one count of computer fraud and abuse for illegally obtaining the stored data of Capital One Financial. 

On July 17, a GitHub user reported a suspicious post by Thompson that was bragging about the information she allegedly stole from the Capital One servers. GitHub is a software development platform where users can find and share developer tools. 

Thompson is reported to have taken names, addresses, zip codes, phone numbers, e-mail addresses, birthdays, credit scores and payment history of 106 million Capital One customers across the United States and Canada. In a statement last Monday, Capital One officials said that no credit card account numbers or login credentials were breached.

Compromised information may end up being sold to criminals on the dark web, which is only accessible by utilizing special software that allows the users to remain anonymous and untraceable. 

"What a lot of hackers will do when they would they get this information is they won't put it all up on the dark web at once," said Sagar Samtani, assistant professor in the University of South Florida Information Systems and Decision Sciences Department. "They'll batch it out over a period of time."

Target was the victim of a major data breach in 2013, but the Capital One hack is unlike breaches seen before. 

A faulty firewall left a cloud server hosted by Amazon Web Services (AWS) vulnerable to hackers. This missing link in the protection helped Thompson gain access to the company's data.  

"This is actually quite uncommon for an AWS server to be breached at this level," said Samtani.

According to Samtani, similar data breaches like the ones at Yahoo, Equifax and Home Depot all occurred on their own company servers. 

"This is the first breach that I can remember that happened off of an AWS server," he said.

Thompson once worked for AWS as a software engineer. Samtani says it's possible that she may have become aware of the vulnerability in the firewall during her time with the company.

"When organizations have somebody as part of their IT, software development, or technical team, how do they appropriately revoke their privileges and make sure that the knowledge remains with the institution and doesn't go away with the employee without changing everything over again?" said Samtani. "It's a key issue that any organization needs to face."

To protect yourself from such an attack, Samtani recommends practicing cyber hygiene. 

"Changing username and passwords frequently, being aware of all the information that you're providing about yourself online, and that you're okay with the information that's out there about you."

Though data breaches seem to be occurring more often, Samtani says "there are a lot of major companies that are doing absolutely everything in their power to make sure that they're not one of these companies that get breached."

Additionally, large corporations aren't the only businesses that are targeted by hackers. 

"We're seeing a lot of attacks on the small and medium sized businesses that may not have the funds to generate a dedicated security team," said Samtani.

Capital One is offering free credit monitoring and identity protection to those affected by the incident.