The personal information of more than 100 million citizens in the U.S. and Canada has been exposed in a data breach at Capital One Bank. According to the banking and credit card company, the hacker gained access to information related to credit card applications dating as far back as 2005.
Among the personal data exposed were names, addresses, dates of birth, credit scores, transaction data, Social Security Numbers and linked bank account numbers of consumers and small businesses. However, Capital One confirmed that no credit card account numbers or log-in credentials were compromised in the hack.
How to find out if your data has been stolen
At the time of this post, Capital One hasn’t released a website that lets you check if information has been comprised, but the bank has committed to inform, by letter, all U.S. individuals whose Social Security numbers were part of the hack, so keep an eye on your mail.
The bank will also reach out to affected customers and offer free credit monitoring and identity protection service. A word of caution, be wary of emails and phone calls from scammers posing as Capital One asking for your personal information. For more tips on how to recognize email and text message scams, read our posts.
What to do if you’re worried about your data security online
Capital One isn’t the first financial organization to suffer a data breach, but it’s certainly one of the biggest. And although the bank hasn’t created a guide on its website to provide advice, like Equifax did when it suffered a massive data breach, there are steps you can take if you suspect your personal information has been stolen:
- Pay attention to your bank statements – Nowadays, we all use online banking apps to transact and keep track of our finances. This makes it even easier to check our account and statements on a daily basis and spot something that may be out of place in good time.
- Place a fraud alert – If you suspect that you’ve been a victim of fraud, you can report this to a credit reference agency. By notifying creditors, they would take necessary steps to make sure they verify that you are actually making new credit requests in your name. You can either place an initial fraud alert that stays on your credit report for 90 days, or you could choose an option of an extended alert which stays for 7 years.
- Freeze your credit – In the worst-case scenario in a data breach, your Social Security Number and personal information could be used for identity theft. To avoid this, you can freeze your credit by contacting a credit reporting company such as Equifax, Experian and TransUnion.
It’s also important that you keep copies of all documents, expenses and records of your conversations about the theft.
Do you want to know more about identity theft and how to protect your data? Check out our posts on similar topics:
- How can I prevent identity theft?
- What type of data security policy should I put in place for my small business?
- Cambridge Analytica: What You Need To Know