Congress wants Capital One, Amazon to explain data breach

Congress wants Capital One, Amazon to explain data breach
In this July 16, 2019, file photo, a man walks across the street from a Capital One location in San Francisco. A security breach at Capital One Financial, one of the nation's largest issuers of credit cards, compromised the personal information of about 106 million people, and in some cases the hacker obtained Social Security and bank account numbers. (AP Photo/Jeff Chiu, File)

Leaders of House and Senate committees want Capital One and Amazon to explain to Congress how a hacker accessed personal information from more than 100 million Capital One credit applications.

The incident was the latest massive data breach at a large company.

Ohio Rep. Jim Jordan, the top Republican on the House Oversight and Reform Committee, asked for a staff-level briefing by Aug 15 on the breach that was reported late Monday.

The chairman of the Senate Banking, Housing and Urban Affairs Committee said the committee will look into the matter. Sen. Mike Crapo, R-Idaho, plans legislation that would establish new data safeguards for consumers.

"I have concerns about all aspects of this," Crapo told reporters this week. "We want to understand how this happened, how other breaches happened ... and we want to know how vulnerabilities (appear) in systems and figure out what we must do to deal with them at a policy level."

In a letter Thursday to Amazon CEO Jeff Bezos, Jordan and other Republicans on the House note that Capital One data was stored on a cloud service provided by Amazon Web Services. The suspected hacker , Paige Thompson, is a former Amazon software engineer.

FBI agents arrested Thompson on Monday for allegedly obtaining from more than 100 million Capital One credit applications, including roughly 140,000 Social Security numbers and 80,000 bank account numbers. There is no evidence the data was sold or distributed to others.

Congress wants Capital One, Amazon to explain data breach
The logo for Capitol One Financial appears above a trading post on the floor of the New York Stock Exchange, Tuesday, July 30, 2019. A security breach at Capital One Financial, one of the nation's largest issuers of credit cards, compromised the personal information of about 106 million people, and in some cases the hacker obtained Social Security and bank account numbers. (AP Photo/Richard Drew)

The House members also want Capital One to describe the scope of the incident and the company's response.

Spokesmen for Capital One and Amazon did not immediately respond to requests for comment Thursday.


Explore further

Q&A: What to know about the Capital One data breach

© 2019 The Associated Press. All rights reserved.

Citation: Congress wants Capital One, Amazon to explain data breach (2019, August 1) retrieved 17 September 2019 from https://techxplore.com/news/2019-08-congress-capital-amazon-breach.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
6 shares

Feedback to editors

User comments

Aug 02, 2019
The problem is when bugs and issues are found we have to do such a ridiculous process to report issues. Or are not taken serious. Maybe look into why support for http is still valid or used by many sites and apps. Then see what else happened with breaches and then why one thing that's in common could possibly be something we should ask why this was not looked into. Still wanting answers on reports of issues I had never have been addressed yet were secretly put in updates to security patches with apps and mobile sites.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more