How to find out if your data was stolen in the Capital One hack, and what you can do about it (COF)


capital one

  • Over 100 million Capital One customers had their data compromised, including Social Security and bank account numbers, the company announced on Monday.
  • Capital One says, “it is unlikely that the information was used for fraud or disseminated by this individual,” but the company is still investigating.
  • If you’re a Capital One customer, you’re likely wondering what to do. Here’s what the company suggests.
  • Visit Business Insider’s homepage for more stories.

Capital One revealed a major data breach on Monday afternoon.

Over 100 million people had their personal information taken, ranging from Social Security to bank account numbers and names. If you applied for a Capital One credit card at any point “from 2005 through early 2019, there’s a good chance you’ve been affected.

But how to find out for sure? Here’s what we’ve got so far:

SEE ALSO: Capital One says it was hit with data breach, affecting tens of millions of credit card applications

First and foremost, here’s a comprehensive list of what Capital One says was lost in the data breach:

According to Capital One, the breach “affected approximately 100 million individuals in the United States and approximately 6 million in Canada.” Moreover, the primary targets of the hack were, “consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019.”

More plainly, that means if you applied for a Capital One credit card at any point in the 14 years between 2005 and 2019, you are likely an impacted party.

What data was taken in those instances? “Names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.”

And that’s not all: “About 140,000 Social Security numbers” from credit card customers were taken, “about 80,000 linked bank account numbers” from secured credit card customers, and a whopping 1 million Social Insurance Numbers were stolen from Canadian credit card customers.

It is, in short, a huge mess.

So, how to know if you’ve been impacted? There’s a few things to do. 1. Wait patiently for Capital One to tell you whether or not you’ve been impacted by the data breach.

After announcing the data breach on Monday, Capital One said it would, “notify affected individuals through a variety of channels.”

Moreover, the company is offering, “free credit monitoring and identity protection available to everyone affected.”

It is unclear if any of the 100 million-plus affected individuals have been notified — as of publishing, none of the Capital One customers in our newsroom had received any correspondence. Representatives for the company didn’t respond to repeated requests for comment.

The company has yet to send a general notification to customers about the hack — the only way to learn about it was through social media and news reports.

Tweet Embed:
I have multiple Capital one cards, but found out via Twitter, yall couldn’t be bothered to send an email, a letter, a text, nothing!

2. Freeze your credit!

In the worst-case scenario in a data breach like this, your Social Security number and personal information could be used for identity theft. In a slightly less awful possibility, your credit card could be used to buy things against your will. And in an even less awful possibility, you may see an increase in attempted “phishing” attacks via email and/or phone — more spam emails, and more robocalls, essentially.

There is, at the very least, one solid option for protecting against the worst scenario: A credit freeze.

Check out our full instructions right here for freezing credit with the various credit score agencies.

3. Stay vigilant! Monitor your credit card bill, and report any potentially fraudulent activity to Capital One.

At the bare minimum, there’s one very easy security protection you can enact: Pay attention to your credit card bill and your bank statements!

If you see something show up that looks out of place, call your credit card company/banking institution. 

Notably, Capital One says that “no credit card account numbers or log-in credentials were compromised” in the breach, “and over 99 percent of Social Security numbers were not compromised.” Which is to say that it’s unlikely you’ll suddenly encounter fraudulent transactions on your credit card or in your bank account — but it sure doesn’t hurt to pay slightly closer attention.

4. Consider an identify theft protection service.

Between the massive Equifax data breach of 2017 and the massive Capital One data breach this week, it’s been a bad few years for keeping personal data secure.

If it’s freaking you out, that’s totally understandable. Perhaps it’s time to consider enrolling in an identity theft protection service.

Both Equifax and Capital One are offering free identity theft protection to the hundreds of millions of people affected in their respective breaches, but you may want to shop around and decide which of the many different identity theft prevention services is right for you.