Milestone 2

profileRak1993
CapitalOne-SecurityProtocols_RakeshKalumula.pdf

Running head: SECURITY PROTOCOLS 1

Security Protocols

Name: Kalumula Rakesh

Id: 002836752

SECURITY PROTOCOLS 2

CAPITAL ONE

The data breach is an emerging challenge facing individuals, government, and private

sectors due to the advancement of information technology (Manworren, 2016). Data has become

an essential asset in many organizations and thus, increasing pursuit of hackers to access this

database illegally. Organizations have turned their effort in securing the information system;

however, this effort this operation has been undermined by various factors such as advanced

technology that empowers hackers, inside malice, weak system, and irresponsible users. Inside

malice is of the main contributor to a security breach; in this unauthorized access to the database

is facilitated by trusted people making it hard to manage—capital One data breach robust

example inside malice.

The Capital One hack was conducted between in March 22 and 23 in 2019; The breach

was detected in June 2019. The system hacker gained access to customers information of almost

106 million clients and applicants. According to the report released by Capital One management,

the breach facilitated compromise of data related to clients' credit card applications from 2005 to

2019 (Colby, 2019). The personal data exposed in this includes the name, date of birth, credits

scores, address, social security numbers, and transactional data. In a quick response, the firm

notified the clients whose data were exposed and canceled all the credit cards that were believed

to be exposed.

The data breach was conducted by former Amazon Web Service software engineer, Ms.

Thompson Paige. At the time of the attack, AWS hosted the capital One database. FBI

investigators noticed Thompson on her online activities that indicated suspicious activities

revealing data theft. Further, the investigation revealed that she was behind a group social

SECURITY PROTOCOLS 3

network group known as “Seattle Warez Kiddies” that conducted illicit hacking (Flitter, 2019).

The hacker is believed to be observing the firm data system while she was working at AWS and

identified the security weakness in the Capital One database.

SECURITY PROTOCOLS 4

References

Colby, C. (2019) Capital One data breach: What you can do now following bank hack. Retrieved

by May 30, 2020, from https://www.cnet.com/how-to/capital-one-data-breach-what-you-

can-do-now-following-bank-hack/

Flitter, E.& Weise, K. (2019) Capital One Data Breach Compromises Data of Over 100 Million:

New York Times. Retrieved by May 30, 2020, from

https://www.nytimes.com/2019/07/29/business/capital-one-data-breach-hacked.html

Manworren, N., Letwat, J., & Daily, O. (2016). Why you should care about the Target data

breach. Business Horizons, 59(3), 257-266.