Capital One announced Monday a hacker had accessed a trove of the bank’s credit card application data, exposing the personal information of about 100 million U.S. customers.
The Capital One hack appears to be one of the largest data breaches to ever hit a financial services company.
In 2017, the credit-reporting company Equifax disclosed that hackers had stolen the personal information of 147 million people. Last week, it reached a $700 million settlement with U.S. regulators over that breach.
The FBI arrested a Seattle software engineer, Paige Thompson, on a charge of computer fraud and abuse, according to court records.
Worried your data might have been exposed in the hack? Here’s how to make sure your accounts are secure and to safeguard yourself against future attacks.
• Check your accounts for suspicious activity
Capital One will notify customers affected by the breach and is offering free credit monitoring and identity protection.
In the meantime, check your recent credit card statements and bank account transactions for suspicious activity. You also should check your credit report to see if any false accounts or credit cards have been opened in your name.
• Freeze your credit
ARTICLE CONTINUES BELOW ADVERTISEMENT
Ted Rossman, a CreditCards.com analyst, said in a statement to the Washington Post that it’s free and easy to do online or over the phone.
“The No. 1 thing consumers should do to protect their identities is to freeze their credit by contacting Equifax, Experian and TransUnion,” Rossman said. “This is the best way to prevent a criminal from opening an unauthorized account in your name. Unfortunately, only about one in four U.S. adults have frozen their credit.”
This means that creditors can’t access your credit or open accounts in your name.
• Change your passwords often
Rossman said CreditCards.com found in a poll that more than 80 percent of adults in the United States reuse passwords.
Setting up two-factor authentication, a second level of logging into your personal accounts, also is a good idea, whether that’s through an SMS message sent to your phone or an external app such as Google Authenticator.