More than 100 million individuals in the United States and approximately 6 million in Canada were affected in the breach. This was as a result of a misconfiguration vulnerability in Capital One’s infrastructure.
According a statement released by Capital One “based on our analysis to date, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada.”
Data breaches due to web servers misconfiguration, unsecured servers and databases are on an alarming increases. Of course, no organisation is totally immune to data breach but one thing to note in this breach is that the unauthorised access (hacker) were able to decrypt the encrypted data in Capital One’s infrastructure. ”we encrypt our data as a standard. Due to the particular circumstances of this incident, the unauthorized access also enabled the decrypting of data.”
This is very likely that:
- Server side encryption is used
- The encryption/decryption key resides on the server
- There’s probably no privilege access prevention /escalation in place
This again points out the need for proper cryptographic key management and privilege access restrictions.
More details about the breach here