08/05/2019
What happened at Capital One? And what can you could do now.
On July 29, 2019, Capital One Financial Corporation announced that they suffered a data security incident in March of this year. An unauthorized individual was able to access the sensitive personal data contained in applications for credit products from 2005 to 2019, which could affect approximately 100 million individuals in the U.S.
The personal information that was accessed included:
Full names
Physical address
Phone numbers
Dates of birth
Email addresses
Self-reported income
For some customers, additional information stolen may have included customer status data such as credit scores, credit limits, balances, payment history, and fragments of transaction data. For a small portion of applicants, about 140,000 Social Security numbers and 80,000 linked bank account numbers were exposed.
While the hacker has been apprehended, there are still a few steps experts recommend taking if you think you may have been affected.
1. Change your passwords
Capital One will be notifying affected consumers through “a variety of channels,” the company said Monday. It’s probably easier to wait until you’re contacted, rather than calling or emailing the company to find out if you were impacted.
In the meantime, it’s a good idea to change any passwords associated with your Capital One bank or credit card accounts.
2. Set up credit monitoring
Capital One says it plans to offer free credit monitoring and identity protection to affected customers. But that may take some time to organize, so it might be best to set up your own. You can do it yourself by pulling your annual free credit reports, one each from Equifax, Experian, and Transunion.
In addition to the Capital One monitoring, you may also be eligible for up to 10 years of free credit monitoring if you were affected by the massive 2017 Equifax data breach. The credit bureau entered a $700 million settlement last week and has opened a claims process.
Although Capital One says “it is unlikely that the information was used for fraud or disseminated,” it never hurts to have some monitoring in place.
3. Freeze your credit
Freezing your credit reports is your first step and only about one in four U.S. adults have frozen their credit — despite major data breaches like Equifax in 2017 and Marriott in 2018.
If you want to freeze your credit reports and haven’t already done so, you need to contact the three major credit bureaus, Equifax, Experian, and TransUnion, separately. Keep in mind that you will need to unfreeze your credit if you’re applying for any credit products in the future, like a personal loan, credit card or mortgage.
While a credit freeze will stop anyone from taking out a credit card or loan in your name, it’s not a comprehensive solution, experts say.
The biggest threat is not that a criminal could open a credit card in your name and make fraudulent transactions; that could be fixed quickly since credit card companies know about the problem.
4. Make a record of your response
Last year, there were 1,244 data breaches reported, according to the Identity Theft Resource Center. While that’s less than the number reported in 2017, the number of hacked consumer records that exposed sensitive information increased.
And each one of those hacks could lead to class-action lawsuits and investigations by regulators, like in the case of Equifax. While not all data breaches will result in a settlement, it’s good to be prepared.
Consumers should take breach notifications seriously and document what they do in response.
5. Stay alert
Ultimately, all consumers need to be vigilant about suspicious activity regardless of whether they were impacted by this most recent data breach.
You should keep an eye open for scammers contacting you.
This includes fake emails or phone calls from criminals posing as Capital One. Capital One is not calling or emailing customers to ask for information such as credit card, account information or Social Security numbers.
