News reports say that a Seattle hacker stole 100 million credit applications. She is an ex-employee of Amazon’s AWS service that housed the Capital One database. Before talking about this incident from a risk management standpoint, I am a little surprised that Capital One, #98 on the Fortune 100 with $6B in profits last year, can’t/won’t build a sufficient IT infrastructure. I guess they decided to Transfer the risk.
I can’t wait to hear the entire story. A female hacker that failed to graduate from the local community college (that I taught at!) is an interesting story.
From a risk management perspective, there are several angles. Perhaps she stole the data while she was an employee and just got caught now. It’s possible that when she left Amazon, the exit process where all her accounts are disabled may not have been followed. Maybe she had inside help.
But maybe she hacked one of the largest tech companies in the world to get data from one of the largest financial companies in the world. Wow!
[…] As a follow up on the post about risk management and the hack of Capital One, the Wall Street Journal is now reporting that […]