Total Tests:

Cybersecurity experts weigh in on Capital One breach

By Buckley Smith for IT World Canada
Friday, August 2, 2019

This week’s news of the breach at Capital One Financial Corp. rocked the world and has cybersecurity experts buzzing to analyze what went wrong and advise others how to prevent similar issues at their own organizations.

Ilia Kolochenko, founder and chief executive officer, ImmuniWeb

“This is just one more colorful, albeit lamentable, example that web applications are the Achilles’ Heel of the modern financial industry. Reportedly, the intrusion had happened in March but was noticed only upon notification in late July. Given Capital One’s [comparatively] immense capacity to invest into cybersecurity and the allegedly trivial nature of the vulnerability, such protracted detection timeline is incomprehensibly huge. Legal ramifications of the breach may be both exorbitant and protracted, including regulatory fines and penalties, individual and class action lawsuits by the victims. Talking about the alleged suspect, one should remember about the presumption of innocence. The person in question could have been tricked to access or download the data without any intent to sell it or use with malice, serving as a smoke-screen to mislead law enforcement agencies. Until all the circumstances of the incident become crystal-clear, it would be premature to blame anyone. Victims should now carefully monitor their credit scores and be extremely cautious about any abnormal activities with their accounts. If the data was stolen and sold, we may expect a wave of sophisticated spear-phishing.” Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential