Capital One fined $80 million over data breach
The Treasury Department has fined Capital One $80 million for careless network security practices that enabled a hack that accessed the personal information of 106 million of the bank’s credit card holders.
The comptroller of the currency said in a consent order Thursday that Capital One failed to establish effective risk management when it migrated information technology operations to a cloud-based service.
It said the bank’s own internal audit failed to identify “numerous weaknesses” in its management of the cloud environment and “engaged in unsafe or unsound practices that were part of a pattern of misconduct.”
The consent order said Capital One has committed to fixing the problem. Capital One didn’t immediately respond to an email requesting comment.
Among the largest of its kind on record, the 2019 breach compromised about 140,000 Social Security numbers and 80,000 bank account numbers. Former Amazon software engineer Paige Thompson has pleaded innocent to charges related to the breach.
Thompson is set to stand trial in February.
No evidence has emerged that Thompson sought to benefit financially from the hack.
Inside the business of entertainment
The Wide Shot brings you news, analysis and insights on everything from streaming wars to production — and what it all means for the future.
You may occasionally receive promotional content from the Los Angeles Times.
