Earlier this week, Capital One announced a data breach affecting 100 million people from the U.S. and six million from Canada. Sensitive customer information, including credit card application data, transaction history, contact information, as well as credit scores, limits, and balances, was compromised during the attack.
Today, Capital One has said that it will be contacting those impacted by the company’s data breach by either letter or email, starting next week. Moreover, the bank has warned against giving out any personal information to anyone claiming to be from Capital One if a call is received since they will not be notifying anyone by phone.
The bank says it is working with authorities from the U.S. and Canada, including the Office of the Privacy Commissioner of Canada, to protect affected individuals.
“Unfortunately, it’s appalling but not surprising,” said Ann Cavoukian, executive director of the Privacy by Design Centre for Excellence and Ontario’s former privacy commissioner.
“Companies are simply under-resourced. They’re not devoting the resources required for strong security.”
She also said those who had their social insurance numbers and other personal data compromised could be prime victims of identity theft.
According to Capital One, “no credit card account numbers or log-in credentials” have been compromised and only 1% of Social Security numbers were compromised.