Capital One Breach: Account Takeover Fraud on Fire

Sep 17, 2019

On July 29, 2019, Capital One talked about the data breach the company had experienced. Over 100 million people’s sensitive data was breached in the U.S. and Canada as a result. If the Capital One breach is the topic you’re interested in and if you want to discover secure payment processing services, keep on reading below.

Capital One Breach: Protect Your Transactions
With more and more businesses moving to the online space, the number of customers logging in with their usernames and passwords is increasing rapidly. According to a 2018 report by an anti-fraud technology provider, account takeover (ATO) attacks grew 31% percent YoY (year-over-year).

ATO fraud is creating major problems for payments. Once criminals steal customers’ usernames and passwords, they can easily use that information to get access to more data. Recently, Capital One Financial Corp. (COF), the 5th biggest credit card issuing company in the U.S., has been attacked.

The “author” of the attack was Paige Thompson, an engineer having formerly worked at Amazon Web Services and as a contractor with Capital One. By relying on the information she had about the bank, she got access to the bank’s internal network and “took advantage” of a minor issue with the firewall.

Specifically, the attacker allegedly got access to the login data used for accessing the bank’s computers, stolen from open Amazon servers. Next, she was allegedly able to keep those computers under her control to obtain the information, as well as mine cryptocurrency. This type of mining is often called “cryptojacking.”

Thompson hacked the sensitive data of nearly 100 million people in the U.S. and 6 million people in Canada.

With all this in mind, it’s becoming more and more critical to protect your e-commerce business from fraudsters. You can do this easily by working with a secure payment processing company like eMerchantBroker.com. EMB, voted the nation’s top high risk payment processor, is committed to offering the cheapest rates and the fastest approval to both low and high risk merchants.

eMerchantBroker.com, raked an A company by Card Payment Options and listed as the “Best All-Around High Risk Merchant Account Provider” by ValuePenguin, can help you avoid problems like the Capital One breach. EMB works with Ethoca and Verifi to ensure you’re enjoying unmatched fraud prevention and chargeback mitigation services.

What You Didn’t About Capital One Hack
The Capital One hack isn’t the biggest security breach in history, however, it once again points to the importance of fraud prevention. The credit bureau Equifax breach back in September 2017 was bigger: it exposed sensitive information of 145 million customers, including 209.000 credit card details.

Concerning data breaches, be aware that there exist 2 basic threats that consumers are faced with:

  • ATO or account takeover fraud when hackers take over a legitimate user’s account to complete fraudulent transactions
  • Synthetic fraud when hackers use stolen consumer data, often of more than one consumer, to “build” a new user

According to Daniela Perlmutter, vice president of marketing at cybersecurity firm CyberInt, consumers must take special attention to and be aware of the transactions in their accounts. When it comes to financial institutions, including commercial banks, they should learn a lesson from the case with Capital One and give their employees and contractors limited access to their cloud-computing systems.

Capital One has reported the bank has already resolved the issue the hacker relied on to steal the information. It’s worked with federal law enforcement on the case.

To sum up, Capital One has recently announced an attacker stolen sensitive data about the bank’s credit card customers and those having applied for their credit card products.

Capital One has already fixed the issue by promptly cooperating with federal law enforcement. The hacker is under arrest. The bank’s analysis shows that the data mustn’t have been used to commit fraud or disseminate.

Make sure to work only with a reputable payment processor that can provide you with the most sophisticated fraud prevention techniques.

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending on the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.

Live Chat