Capital One breach: A reason to reduce one's exposure to multiple accounts | Credit card reward programs | Discussion forum

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

No permission to create posts
sp_Feed Topic RSS sp_TopicIcon
Capital One breach: A reason to reduce one's exposure to multiple accounts
July 29, 2019
7:15 pm
User230
Member
Members
Forum Posts: 184
Member Since:
December 4, 2016
sp_UserOfflineSmall Offline

Recently, Desjardins.

Now, Capital One:

https://globalnews.ca/news/5700226/capital-one-data-breach-canada/

It is a big issue now a days.

SIN numbers and bank account information stolen.

I closed my Capital One account a few days ago because I never use it. Now i learn my data likely was compromised....

The only way I can come up with, to reduce ones exposure to hackers, is by reducing ones accounts.

It is for sure making me think of getting rid of other accounts. I do not want my life turned upside down by identity theft.

What do you people think?

Notes: The application histories were compromised. So you might never have had a Capital One card you could still be part of this.

July 29, 2019
8:46 pm
Norman1
Member
Members
Forum Posts: 7111
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

I receive significant benefits from having accounts at multiple financial institutions. Those benefits overshadow the increased likelihood and cost of cleaning up after a data breach at one of the financial institutions.

It is similar with using road transportation. The benefits of travel by car or bus outweigh the increased likelihood and cost of being in a traffic accident.

July 29, 2019
9:30 pm
Loonie
Member
Members
Forum Posts: 9376
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

And it's not just Desjardins and CapitalOne. There was Peoples a few years back, Equifax, and some others I can't specifically remember.

I don't know any good solution. I do try to keep the number of institutions I deal with to a minimum, but until CDIC increases its limits and the federal government establishes a good protocol to protect us when these incidents happen,
I hesitate to ask the government to do this, remembering the colossal
failure with the ability of the government to pay its employees properly due to the failure of the Phoenix system, but there is no other body that can assume this responsibility.

Such incidents will continue to happen. Over time, it will be hard for anyone to avoid them. That's why we need a protocol as to what we can do and what those in authority will do to protect us from exploitation.
I suggest that, where possible, to try to maintain a personal relationship with a bricks and mortar branch staff person. At least there will be one person in the industry who can verify your identity because they know you. The loss of the interpersonal experience in banking creates a big risk in itself.
Accordingly, I visit my Meridian person a couple of times a year probably. I have no hope of being recognized at the two Big Bank branches I have patronized for over 30 years, but soeone at Meridian does know me after only 3 years.
Some people on this forum have scoffed at the need for bricks and mortar but this is an example of why it could matter. When I go into Meridian, they don't ask to see my ID every time. They don't have to because they know who I am.
This situation might be an argument to keep most of one's money in one MB CU, I suppose. Unlimited insurance could mean unlimited deposits.

I'd like to know more about the quality of the protections that the various FIs have in place. But I don't know how to find out or assess it. I think this should be more available. Perhaps we need higher standards as a requirement? We certainly should have some tools to evaluate it just as we do for solvency. Regulatory authorities are very keen on the financial aspects of viability, but what do they do about the security aspects? I don't know.

Another thought: would you be better off with smaller institutions on the theory that they have fewer employees and thus fewer opportunities for rogue operators? It won't prevent outside hackers, but the latter may be more interested in the larger institutions anyway.

This might be a warning though to credit card churners. Is the extra risk really worth the $100-300 you night get out of it. It's a more difficult decision with banking because the impact of excluding a FI is much greater on the bottom line.

July 30, 2019
6:36 am
savemoresaveoften
Member
Members
Forum Posts: 2971
Member Since:
March 30, 2017
sp_UserOfflineSmall Offline

Imagine you get free Equifax credit monitoring cuz ur CC was compromised, and later Equifax reported they were hacked too. No safe place esp in the modern days of clouds...

July 30, 2019
7:52 am
Bill
Member
Members
Forum Posts: 4004
Member Since:
September 11, 2013
sp_UserOfflineSmall Offline

Though I don't share Loonie's faith in gov't or other "regulatory authorities" (they're as likely to be infiltrated by embedded bad guys or staffed by corrupt and/or incompetent people, as anyone else), the suggestion to make a personal connection at your local branch is a solid one.

The media focuses on rogue employees but I'm guessing organized and disorganized crime, "terrorist" sponsors, foreign nations that are our enemies, etc are embedding legions of folks in all our institutions, including the regulatory authorities, for their own nefarious purposes. We pride ourselves on being a fee and open society, so not much you can do except be prudent as you can in your personal affairs, hope it hits your neighbour and not you, and certainly no point in worrying.

July 30, 2019
8:32 am
Kidd
Member
Banned
Forum Posts: 840
Member Since:
February 27, 2018
sp_UserOfflineSmall Offline

The scary part of all of this is...

EVERYTHING is controlled by computers these days, meaning everything is accessible to some smart code writer.

The general motors production line is 100% controlled by PLC (programmable logic controller). Every robot, every timed break (lunch, end of shift, coffee breaks, start of shift), even the ceiling light fixtures are controlled by an Allen Bradley PLC.

The engineering staff use the wireless network to access the programming. We on the floor used hard wired connections. But imagine being able to change a robot's safety conditions, without being near the robot? Result, the production line tears itself apart, or in the worst case scenario people die.

Waste water management is controlled by computers. When conditions are met, the water is deemed safe to drink and then it's pumped to your kitchen tap.

Darlington and Pickering nuclear power plants are also controlled by computers.

Airplanes in mid flight can be accessed by ground computers. Drones are controlled from the ground.

Google has openly admitted that their friendly home access devices are easily hacked.

Your government believes in the good nature of people, so nothing bad will happen, how could it? The fiscal budget will balance itself. Your government has assured the environmentalists that these "new" pipelines will never leak.

Iceberg right ahead. Man the lifeboats, wait... we don't have any lifeboats.

July 30, 2019
8:56 am
Vatox
Member
Members
Forum Posts: 1218
Member Since:
October 29, 2017
sp_UserOfflineSmall Offline
July 30, 2019
9:15 am
Kidd
Member
Banned
Forum Posts: 840
Member Since:
February 27, 2018
sp_UserOfflineSmall Offline

Vatox, i thought we lost you. That you'd taken your bar of gold, canned food, pocket knife and run to the hills waiting for our doomsday to end. Did you run out of canned food?

Welcome back.sf-laugh

July 30, 2019
9:37 am
Vatox
Member
Members
Forum Posts: 1218
Member Since:
October 29, 2017
sp_UserOfflineSmall Offline

Kidd said
Vatox, i thought we lost you. That you'd taken your bar of gold, canned food, pocket knife and run to the hills waiting for our doomsday to end. Did you run out of canned food?

Welcome back.sf-laugh  

Lol. I came back because I didn’t want to miss watching the apocalypse unfold! sf-laugh

Edit: no TV or internet up in the hills.sf-cool

August 8, 2019
1:48 pm
Winnie
Ontario
Member
Members
Forum Posts: 472
Member Since:
December 7, 2011
sp_UserOfflineSmall Offline

Lucky me, just received this letter:

We’re contacting you about a recent cybersecurity incident impacting Capital One. Based on our investigation, we believe your personal information may have been obtained as part of this incident. We’re deeply sorry for the understandable worry this has caused and are committed to making this right.

We’re providing you with 2 years of free credit monitoring and identity theft insurance from TransUnion.

About the incident.

On July 19, 2019, we determined there was unauthorized access to our systems by an outside individual. This person obtained certain personal information relating to Capital One credit card customers, and people who had applied for our credit card products. Based on our investigation, this occurred on March 22 and 23, 2019.

We immediately fixed the vulnerability that this individual exploited and promptly began working with United States federal law enforcement. The person responsible has been arrested for her conduct. We believe it’s unlikely that the information was used for fraud or was disseminated by this individual.

Personal information impacted.

Our investigation has determined that the person responsible may have gained access to the following information:

Personal information routinely collected at the time we receive credit applications, including name, address, postal code, phone number, email address, date of birth and self-reported income.
Customer status data, including credit score, credit limit, account balance, payment history and contact information.
Fragments of customer transaction data from a total of 23 days during 2016, 2017 and 2018.

Based on our investigation to date, your Social Insurance Number may have been obtained as a result of this incident.

No credit card numbers, PIN codes or login credentials were compromised as part of this incident.

We’re taking a number of steps for your protection.

Safeguarding your information is essential to us, and we’ll continue to invest heavily in cybersecurity. We immediately took action to fix the vulnerability which led to this incident and have engaged cybersecurity experts to assist us in our investigation. We’ve also put in place additional monitoring to help ensure similar incidents will not occur in the future. We’ll incorporate what we learn from this incident to further strengthen our cyber defenses.

We’re also providing you with 2 years of free credit monitoring and identity theft insurance with TransUnion myTrueIdentity.

August 8, 2019
2:21 pm
Briguy
Member
Members
Forum Posts: 722
Member Since:
March 17, 2018
sp_UserOfflineSmall Offline

I had a Capital One credit card from Costco that I cancelled a few months ago, so I didn't even get a letter or email, but I would have had my SIN and other information exposed. That's even worse. I hear there's two class action lawsuits starting up, one in Ontario and one in Vancouver.

August 8, 2019
2:31 pm
Loonie
Member
Members
Forum Posts: 9376
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline
August 8, 2019
2:52 pm
Doug
British Columbia, Canada
Member
Members
Forum Posts: 4269
Member Since:
December 12, 2009
sp_UserOfflineSmall Offline

Loonie said
The Ontario class action is being taken up by Diamond and Diamond. I don't know who is doing the Vancouver one.
Diamond has had some run-ins with the legal profession.

https://www.thestar.com/news/investigations/2018/08/17/law-society-triggers-hearing-into-diamond-diamonds-marketing-client-referrals.html

https://www.thestar.com/news/investigations/2018/03/29/jeremy-diamond-appeals-professional-misconduct-finding-to-law-society-tribunal.html  

I'm not from Ontario, but even I've heard of Diamond and Diamond's less than stellar legal reputation. Kind of reminds me of a sort of "low rent" version of Siskinds LLP (another serial class action lawsuit filer), also based in, where else, London, Ontario. (What is with London, Ontario, being the centre of class action law firms and marketing company focus groups/trial ad compaigns? 😉 )

I suspect, since the perpetrator, Paige Thompson, of Seattle, Washington, admitted to not having released the data, Capital One's monetary liability will be comparably small. If the settlement is larger than $50 million, I will be surprised. As well, it can be argued that her employer, cloud storage provider Amazon Web Services LLC, a unit of Amazon.com, Inc., arguably has more to lose and more liability in this. They could be the bigger target anyway. Certainly bigger pockets.

Cheers,
Doug

August 8, 2019
5:23 pm
Joebart
Member
Members
Forum Posts: 65
Member Since:
January 7, 2016
sp_UserOfflineSmall Offline

Class action lawsuit is nothing else but the way for fat lawyers to stuff their pockets at expense of public. They always settle and keep majority of the money for themselves and distribute small change to the public. I was a part of class action lawsuit with TOYOTA some time back. I have purchased brand new Toyota Camry and few days after that all hell broke loose with “ unintended acceleration”. I got a letter from Toyota with scary bald letter warning that in case of unintended acceleration we should brake, pull over and remove the keys. If that was the case or not it is not important. My wife did not want to look in this car direction for 5 months. It was standing in my garage so I had to trade it for another vehicle and lost right way over $6 000.
The law firm settled with Toyota, kept most of the money and distributed the rest to poor folks like me. They offered $17.50 in compensation and since I already sold the car I was not eligible even for that. ALL THAT CLASS ACTION LAWSUITS ARE JUST MONEY GENERATING SCAM……..do not count on it ever.

August 9, 2019
5:22 am
Kidd
Member
Banned
Forum Posts: 840
Member Since:
February 27, 2018
sp_UserOfflineSmall Offline

Joebart.

My post #3 in this thread was a rant with links, where i angrily stated the Canadian judicial system is of NO help or benefit to victims in canada.

August 9, 2019
11:35 am
Joebart
Member
Members
Forum Posts: 65
Member Since:
January 7, 2016
sp_UserOfflineSmall Offline

Kidd!
We are on the some wave most of the time and that is really rare..sf-cool

August 9, 2019
12:09 pm
Loonie
Member
Members
Forum Posts: 9376
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

CostCo Canada must be wishing they'd never left Amex for Capital One MC.

August 10, 2019
10:51 pm
Canadianbull
Member
Members
Forum Posts: 389
Member Since:
December 26, 2018
sp_UserOfflineSmall Offline

I have $230 cash back on my card. I am wondering if I cancel my card. Will they still send me a cheque?

August 10, 2019
11:32 pm
Norman1
Member
Members
Forum Posts: 7111
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

Yes, if one cancels in February after the annual rebate coupon arrives with the January statement.

From the GREAT REWARDS & BENEFITS booklet:

• Upon account closing, you will lose any remaining cash back.

• A rebate coupon is only issued to the accountholder; authorized users on the account do not receive rebate coupons.

• To be eligible for a rebate coupon, your account must be open and in good standing at the time your rebate is calculated. In good standing means not past due, over the credit limit, fraudulent, restricted or part of a consumer credit counselling program or bankruptcy.

No permission to create posts

Please write your comments in the forum.