The hacker had stolen personal information from 100 million credit applications made to one of the biggest banks in the US. Financial institutions are increasingly targeted by cybercriminals seeking valuable client data.
US federal authorities late Monday arrested a female hacker, alias "erratic," on charges of stealing personal information from more than 100 million Capital One credit card applications.
Europol has identified the financial sector as one of the most vulnerable to cyberattacks, especially those resulting in data breaches.
The US attorney's office in Washington said: "The intrusion occurred through a misconfigured web application firewall that enabled access to the data."
According to court documents, the suspect told another Twitter user: "I've basically strapped myself with a bomb vest, f***ing dropping Capital One's dox and admitting it."
Capital One CEO Richard Fairbank said in a statement: "While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."
Authorities are still debating if and how companies should be held responsible for data breaches, especially when the personal data of millions of citizens is compromised.
What do we know about the suspect?
She is a former software engineer for a Seattle-based technology company. She shared the data on the code-hosting website GitHub.
What happens next?
If the suspect is found guilty, she faces up to five years in prison and a fine of up to $250,000. Capital One said it would provide free credit monitoring and identity protection for those affected.
Fighting for the internet: Social media, governments and tech companies
Germany passed a new law on social media in 2017, despite complaints from social media companies worried about the impact on their business. But how far is too far? DW examines the trends.
Free speech or illegal content?
Whether hate speech, propaganda or activism, governments across the globe have upped efforts to curb content deemed illegal from circulating on social networks. From drawn-out court cases to blanket bans, DW examines how some countries try to stop the circulation of illicit content while others attempt to regulate social media.
Social media law
After a public debate in Germany, a new law on social media came into effect in October. The legislation imposes heavy fines on social media companies, such as Facebook, for failing to take down posts containing hate speech. Facebook and other social media companies have complained about the law, saying that harsh rules might lead to unnecessary censorship.
Right to be forgotten
In 2014, the European Court of Justice ruled that European citizens had the right to request search engines, such as Google and Bing, remove "inaccurate, inadequate, irrelevant or excessive" search results linked to their name. Although Google has complied with the ruling, it has done so reluctantly, warning that it could make the internet as "free as the world's least free place."
Blanket ban
In May 2017, Ukraine imposed sanctions on Russian social media platforms and web services. The blanket ban affected millions of Ukrainian citizens, many of whom were anxious about their data. The move prompted young Ukrainians to protest on the streets, calling for the government to reinstate access to platforms that included VKontakte (VK), Russia's largest social network.
Safe Harbor
In 2015, the European Court of Justice ruled that Safe Harbor, a 15-year-old pact between the US and EU that allowed the transfer of personal data without prior approval, was effectively invalid. Austrian law student Max Schrems launched the legal proceedings against Facebook in response to revelations made by former US National Security Agency (NSA) contractor, Edward Snowden.
Regulation
In China, the use of social media is highly regulated by the government. Beijing has effectively blocked access to thousands of websites and platforms, including Facebook, Twitter, Instagram and Pinterest. Instead, China offers its citizens access to local social media platforms, such as Weibo and WeChat, which boast hundreds of millions of monthly users.
Twitter bans Russia-linked accounts
Many politicians and media outlets blame Russia's influence for Donald Trump's election victory in 2016. Moscow reportedly used Facebook, Twitter, Google, and Instagram to shape public opinion on key issues. In October 2017, Twitter suspended over 2,750 accounts due to alleged Russian propaganda. The platform also banned ads from RT (formerly Russia Today) and the Sputnik news agency.
Facebook announces propaganda-linked tool
With social media under pressure for allowing alleged Russian meddling, Facebook announced a new project to combat such efforts in November 2017. The upcoming page will give users a chance to check if they "liked" or followed an alleged propaganda account on Facebook or Instagram. Meanwhile, Facebook has come under fire for not protecting user data in the wake of the Cambridge Analytica scandal.