DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Capital One to settle 2019 data breach class action lawsuit for $190 million

Posted on May 13, 2022 by Dissent

Capital One will pay $190 million to resolve claims it jeopardized customer information in a 2019 data breach.

The settlement benefits around 98 million Capital One customers whose information was compromised as part of the 2019 data breach.

Read more at TopClassActions.

This settlement is separate from the $80million penalty Capital One was fined in 2020 by the Office of the Comptroller of the Currency.

One of the significant aspects to this litigation is that  the court ordered the bank to turn over Mandiant’s forensic investigation to plaintiffs, holding that it was not privileged. That decision has already resulted in lawyers for entities rewording their contracts for forensic investigations to make clear that the forensics is not routine scope of work but is being done for litigation defense purposes (which would put it back in the privileged work product framework, it seems).

And for those who didn’t follow the case closely at the time, the person allegedly responsible for the hack, Paige A. Thompson, aka “Erratic,” is a former  Amazon Web Services (AWS) engineer. Thompson was quickly caught, in part, because she bragged on GitHub about a misconfigured web application that she found that enabled her to download Capital One’s data.  In June, 2021, the government added more counts to a superseding indictment. The case is still ongoing, and it appears that the defense lost on its motion to dismiss Counts 2-8. On May 5, the defense tried again, submitting a motion to reconsider the order denying dismissal.

The Capital One attack is one of a number of attacks Thompson was allegedly responsible for.

Readers can find some past coverage of the developments in this case by searching this site for “Capital One” coverage beginning in 2019.

The settlement claim site can be found here.

Category: Financial SectorHackOf NoteU.S.

Post navigation

← Cybercriminal Sentenced To Federal Prison For Decrypting The Credentials Of Thousands Of Computers Across The World And Selling Them On A Dark Web Website
Mission School District suffers IT breach, phishing emails being sent from teachers’ accounts →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.