A tech engineer in the western US state of Washington was arrested Monday on charges of stealing sensitive data from millions of credit card applications at financial heavyweight Capital One.
Paige Thompson, 33, a former Seattle technology company software engineer, was nabbed by FBI agents after she boasted about the data theft - one of the biggest to hit a financial services company - on the information sharing site GitHub, authorities said.
"The intrusion occurred through a misconfigured web application firewall that enabled access to the data," a statement by the US attorney's office in Washington said. "On July 17, 2019, a GitHub user who saw the post alerted Capital One to the possibility it had suffered a data theft."
It said the Virginia-based bank that specializes in credit cards contacted the FBI after confirming the data theft, which took place between March 12 and July 17 of this year.
"According to Capital One, the data includes data regarding large numbers of (credit card) applications, likely tens of millions of applications," according to the complaint.
In a statement, Capital One said the hack affected 100 million individuals in the United States and six million in Canada.
"Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of social security numbers were not compromised," the bank said.