StudyDaddy Article Writing In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more. In the sec

In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more. In the sec

Capital One cyber security incident


Capital One cyber security incident

Naveen Kumar Mandedi
Graduate Student
University of the Cumberlands
Emerging Threats & Countermeasures (ITS 834-20)
Week-4


Capital one was hacked using botnets and other crypto-jacking software, which looks for vulnerabilities in the system and passes information back to the hacker. Most of the client data were stolen, which led to a massive loss of credit card details. The FBI captured the supposed hacker, Paige Thompson a 33-year-old Seattle resident who recently worked for Amazon. Capital One confirmed that the hacker broke into a server by abusing a setup weakness in a web application firewall (Novaes Neto, N., et al, 2020). The hacker managed to get away with about 106 million worth of client data in Canada and the US.

Most of the data received by the hacker originated from Visa applications put together by clients from 2005 through mid-2019 (Lu, J., et al, 2019). It included names, addresses, telephone numbers, birthday events, messages, and self-announced pay data. The cybercriminal additionally got incomplete information about the transactions that happened between the years 2016 and 2018. The penetrated information did exclude credit card numbers. Capital One's announcement on its site said that social security numbers were also stolen by the hacker.

The hacker had a motive because in gaining the client information from the company, she would be able to sell that information to other groups of hackers. The company was however able to do a fast vulnerability and risk assessment to ensure that the stolen data were made obsolete. The company could have used more of intrusion detection systems to ensure that a fast response to the incident was made. To ensure further security, the company could have installed more firewalls to protect the system from such an attack.


References

Lu, J. (2019). Assessing the Cost, Legal Fallout of Capital One Data Breach. Legal Fallout of Capital One Data Breach (August 15, 2019).

Novaes Neto, N., Madnick, S., de Paula, M. G., & Malara Borges, N. (2020). A Case Study of the Capital One Data Breach (Revised).

Novaes Neto, N., Madnick, S., de Paula, M. G., & Malara Borges, N. (2020). A Case Study of the Capital One Data Breach. Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (January 1, 2020).

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!