What to do after the Capital One data breach

A recent data breach of over 1 million Capital One credit cards and accounts by a hacker might have exposed your consumer data.  Compromised data includes approximately 140,000 Social Security numbers, 80,000 bank account numbers for U.S. customers, and 1,000,000 Social Insurance Numbers (SINs) for Canadian credit card customers.  The personal data of over 100 million U.S. Customers and 6 million Canadian customers as well as information on applications was also exposed for customers who applied for credit card and account services between 2005 to 2019.

Exposed information includes names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.

What should you do:

If you are a Capital One customer, it’s not just your Capital One account that’s at risk.  Your personal information can be used to gain access to your other accounts, emails, and online logins.

  1. If any of your passwords contain PII, change them. Never use your DOB, SSN, address, or family names as part of your passwords.  It makes them easy to crack if this information is leaked. Make sure you have unique and strong passwords for your email accounts, financial accounts, and iCloud account (if you are an Apple user).
  2. Never use your PII as the answer to account reset questions or security questions. Assume cybercriminals know your mother’s maiden name, your last address, and your SSN…so don’t use that info as the answers to security questions on your accounts.  Instead, choose something random as the answer (ex: Even if the question is “What’s your mother’s maiden name,” your answer can be whatever you want to make up).
  3. Add two-factor authentication to secure your accounts. Add the extra step to your account logins so a unique one-time code, in addition to your password, is required to log in.  If you have the option to have the unique code generated by an app or sent via text message, choose the app. (It’s more secure.)
  4. Freeze your credit reports. A criminal could attempt to use the leaked information to take out credit in your name. While Capital One is offering free credit monitoring to affected customers, the Equifax breach showed this is not the most secure way to protect your credit. If you really want to secure your credit, add a credit freeze to your report and don’t settle for credit monitoring.
  5. Need help with the above? Contact our Rubica team for help.  All Rubica customers have unlimited access to our on-call cybersecurity experts for advice and assistance.

Rubica protects your digital privacy and security – both through our services and our advocacy for your consumer rights.