Capital One has been fined some $80 million by the government for failing to adequately protect consumer data.
In 2019, Capital One suffered one of the largest financial hacks in history, exposing 80,000 bank account numbers and 140,000 Social Security numbers. The US Treasury Department’s Comptroller of the Currency said the bank was negligent when it transitioned to the cloud in 2015, and failed to properly implement the necessary security measures.
In some cases, the company’s internal audit failed to catch security issues. In other cases, the Board of Directors failed to act on issues the internal audit did flag. As a result, the Treasury Department is fining Capital One $80 million, which the company has agreed to pay.
Capital One’s example should serve as a reminder to companies that security should always be a prime consideration—not an afterthought.