Capital One has disclosed that a data breach was identified earlier this month affected approximately 100 million individuals in the United States and 6 million in Canada. The largest category of exposed data was information on consumers and small businesses at the time they applied for Capital One credit card products from 2005 to early 2019.

The data breach exposed personal information of its customers, including social security details and bank account numbers.  Capital One stated that about 140,000 Social Security numbers of its credit card customers, approximately 80,000 linked bank account numbers, and one million Canadian Social Insurance numbers were compromised. Additional information was also exposed: names, addresses, zip codes, phone numbers, email addresses, dates of birth, self-reported income, credit scores, credit limits, balances, payment history, and fragments of transaction data from a total of 23 days during 2016-2018.

What Consumers Can Do

For now, be vigilant about monitoring your credit card accounts for unusual or suspicious activity. Capital One has stated it will notify affected consumers through “a variety of channels” and will offer free credit monitoring and identity protection to all affected.  Be careful about the possibility of phishing emails and calls because of this breach, fraudulent attempts to access personal information or bank account by posing as a legitimate Capital One personnel or other official.  Capital One is not calling customers to ask for credit card information or Social Security numbers over the phone or by email.  Report emails suspected of phishing activity by forwarding it to the official Capital One security account, abuse@capitalone.com.  Monitor your credit card accounts for unusual or suspicious activity.

For more information and updates on how to tell if you have been affected, visit the Capital One website established for this breach.