Insider Threats: Capital One Case
One of the most significant insider threat incidents in recent years occurred at Capital One in 2019, resulting in a massive data breach that cost the company dearly in terms of financial losses and reputational damage. The incident involved Paige Thompson, a former Amazon Web Services (AWS) employee, who exploited a badly configured firewall to access Capital One's cloud-based data.
What happened:
Thompson managed to obtain personal information of over 100 million Capital One customers and credit card applicants in the United States and Canada. The stolen data included names, addresses, phone numbers, email addresses, dates of birth, and income information. In some cases, Social Security numbers and bank account numbers were also compromised.
The breach was discovered in July 2019 when Thompson boasted about her actions on social media platforms. Capital One promptly notified federal law enforcement and began working to address the situation. However, the damage was already done.
The Damage:
The financial impact on Capital One was substantial. The company estimated that the breach would cost between $100 million and $150 million in the short term, primarily due to customer notifications, credit monitoring, technology costs, and legal support. Moreover, Capital One's stock price dropped significantly following the announcement of the breach, erasing billions in market value.
The reputational damage was equally severe. Capital One, a major player in the financial services industry, faced intense scrutiny from regulators, customers, and the media. The incident eroded trust in the company's ability to protect sensitive customer information, potentially affecting customer retention and acquisition.
The Solution:
What makes this case particularly frustrating is that a more thorough background check and ongoing monitoring of employee activities could have potentially prevented or mitigated the breach. While Thompson was not a direct employee of Capital One, her previous employment at AWS and her online activities could have raised red flags if properly investigated.
A comprehensive background check might have revealed Thompson's history of unstable behavior and her tendency to discuss sensitive information online. Additionally, implementing stricter access controls and monitoring systems for cloud-based data could have detected and prevented unauthorized access attempts.
This incident underscores the critical importance of conducting thorough background checks on employees and third parties through Human Risk Management. The cost of implementing these preventive measures pales in comparison to the financial and reputational damage caused by such breaches.
Source: https://www.nytimes.com/2022/06/17/technology/paige-thompson-capital-one-hack.html