Credit Card

By now I’m sure you’ve seen the news about Capital One being the latest in an ever-growing string of hacks and data breaches. On Monday, July 29th Capital One divulged that over 100,000,000 customers’ submitted applications and personal information has been breached. I like to write that number out fully because it helps remind me just how big that number really is. Here’s what is known and public so far:

• According to Capital One, credit card applications from 2005-2019 are believed to have been exposed
• That equates to over 100 Million individuals in the U.S.
• Information that was part of the data leak includes: names; addresses; ZIP codes; phone numbers; email addresses; dates of birth; self-reported income levels; credit scores; credit limits; credit balances; payment history; and contact information.
• An estimated 140,000 Social Security Numbers are also believed to be compromised as well as 80,000 linked bank account numbers.
Okay so this looks, and is, bad. Unfortunately, this is increasingly the norm for the global connected world we’re a part of. Capital One is a large lender of small business credit, and many businesses I’ve talked with have credit or applied for credit during this time.

What should I do?
The first thing is to not panic. In the coming weeks Capital One has said they will be attempting to reach out via email and mail to customers whose SSN may have been compromised. For your personal accounts, many credit card providers and other account providers now offer credit monitoring or credential compromise detection for free or cheap - we highly recommend this for you and your family. These services, however, rarely extend to your business and do not extend to your employee credentials in your business. One thing all business owners can, and should, be doing is monitoring their company’s email accounts for compromised credentials. We highly recommend constant monitoring for yourself and any employees and emails under your company’s domain (companyname.com). Many small businesses try to simplify their hectic workflow, and one way they do that is reusing passwords across multiple accounts. Because of this whenever a company has breaches, bad actors can often gain access to multiple accounts and cause damage. Additionally, former employees may have accounts that are forgotten or using group login. If you don’t have a way to easily monitor and get alerted on a daily or weekly basis for breached credentials, we can help with that. Request a free 1-time Dark Web credentials search against your company at: https://www.bytewerx.xyz/dark-web-scan/ and we can do a spot check for your business.