Following the recent Capital One data breach which affected 100 million individuals in the United States and approximately 6 million in Canada, Rep. Jim Jordan (R-OH) has announced a federal inquiry into the massive invasion of consumers’ private financial information.
Breitbart News has obtained letters sent by the office of Rep. Jim Jordan (R-OH) to Capital One and Amazon requesting information on the data breach from both companies as a federal inquiry is prepared. Amazon Web Services provided cloud storage services for Capital One at the time of the data breach according to court filings.
The letter to Capital One CEO Richard Fairbank states: “The Committee regularly conducts oversight of data breaches at financial institutions.’ To help us more fully understand Capital One’s recent incident and its potential to affect millions of Americans, we ask that you please arrange for a staff-level briefing on the incident, its nature and scope, as well as Capital One’s response to the disclosure. Please provide the briefing as soon as possible, but no later than August 15, 2019. If you have any questions about this request, please contact Committee staff at [REDACTED]. Thank you for your attention to this matter.”
Similarly, a letter to Amazon CEO Jeff Bezos discusses Amazon’s role to the data breach stating:
According to court filings, the Capital One data was stored on a cloud storage service provided by Amazon Web Services (AWS).5 The outside individual who accessed the data was allegedly a former AWS employee. Because AWS will provide the trusted Internet connection and cloud support for the 2020 Census and could potentially run the Department of Defense’s Joint Enterprise Defense Infrastructure cloud computing system, the Committee may carefully examine the consequences of this breach.
We respectfully request a staff-level briefing no later than August 15, 2019, on the current status of AWS security protocols in place to ensure the security of sensitive personal and government data. If you have any questions, please contact the Committee staff at [REDACTED]. Thank you for your attention to this serious matter.
Capital One told NBC News in a statement that the breach affected approximately 100 million individuals in the United States and approximately 6 million in Canada. Capital One insists, however, that no credit card account numbers of login details were accessed in the breach, and that less than one percent of social security numbers have been compromised.
Capital One was contacted on July 17 by an anonymous individual alleged that the leaked data which was later discovered to belong to Thompson had been posted GitHub, a website used by software engineers to post and collaboratively develop digital projects. The post was investigated by Capital One staff and appeared to include detailed instructions on how to access Capital One’s private information. The bank stated that 140,000 Social Security numbers and 80,000 bank accounts were potentially put at risk as a result of the data breach.
FBI cyber investigators successfully matched the Github account to a transgender person named Paige Thompson who previously workers as a systems engineer for Cloud Computing Company. Further investigation also showed that Thompson has created a messaging channel in which she claimed to have obtained other data using the code she posted to Github. The FBI also believes that Thompson owns a Twitter account which contacted Capital One on July 18 stating that it was in possession of social security numbers.
In a Twitter message obtained by the FBI, Thomspon going by the pseudonym “erratic” said that he had “basically strapped myself with a bomb vest, f—ing dropping capitol one dox and admitting it.” Thompson stated that he was in possession of social security numbers and other personal details, implying that he planned to distribute this information publicly writing: “I wanna distribute those buckets I think first.”
Read more about how to protect yourself from the data breach here.