Deep Dive – Capital One Data Breach

Infographic Threat Talks - Security and Compliance

Capital One Data Breach

Compliance-induced false sense of security

Capital One, a leader in finance, learned the hard way that even compliant systems can fail if they are not configured correctly. In our latest Threat Talks episode, we explore how a simple misconfiguration in their web application firewall (and a hacker with insider knowledge of AWS) led to over 100 million credit applications being leaked. For this Deep Dive into the Capital One data breach, host Lieuwe Jan Koning is joined by Tim Timmermans (CISO, ON2IT) and Luca Cipriano (Threat Intel Specialist, ON2IT) as they reveal how this could happen and what lessons we can all learn from it. How do you make sure you catch misconfigurations? And what other steps can you take to protect yourself against data breaches?

Infographic

For a complete overview of the Capital One data breach and the other attacks featured in the Bridging the Gap: Compliance and Security Threat Talks episode, download the infographic.

Your cybersecurity experts

Lieuwe Jan Koning

Co-Founder and CTO, ON2IT Group

Luca Cipriano

Threat Intel Specialist, ON2IT

Rob Maas

Field CTO, ON2IT

Tim Timmermans

CISO the Netherlands, ON2IT

Episode details

How insider knowledge was used against AWS

In July 2019, a former Amazon employee was arrested for a data breach that exposed over 100 million consumer credit applications at Capital One. Despite adhering to industry regulations like PCI DSS, Capital One's reliance on the compliance status of its cloud environment created a dangerous blind spot. A misconfigured web application firewall (WAF) running on AWS was vulnerable to Server-Side Request Forgery (SSRF): the WAF could be made to issue HTTP requests on the attacker's behalf from inside the environment. Public court filings describe the SSRF being used to reach the instance's metadata service and obtain temporary credentials for the WAF's IAM role, which were then used to read data from the affected S3 buckets. The requests came from a trusted component, so they bypassed internal security measures and led to one of the largest data breaches in history.
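The episode description names the mechanism only as SSRF through a misconfigured WAF. As an added illustration, not code from the episode, from ON2IT, or from any Capital One or AWS component, the block below puts the unsafe pattern (a proxy that forwards whatever URL it is handed) next to a hardened version that refuses link-local, private and cloud-metadata destinations and allow-lists the rest, and then runs a small detection pass over constructed proxy log lines. The allow-listed hostnames, the log format and the sample lines are assumptions invented for the example; the metadata addresses are the documented EC2 and GCE endpoints.

```python
"""SSRF guard for a server-side URL fetch, plus a log check for metadata hits.

Added example, not from the Threat Talks episode or from any vendor code.
Assumptions (constructed for the example): the fetching service is a WAF or
proxy that forwards requests to a client-supplied URL; ALLOWED_HOSTS and the
log format are invented. The metadata endpoints are the real EC2 IMDS
(169.254.169.254, fd00:ec2::254) and GCE (metadata.google.internal) hosts.
The check works on the URL alone, so it runs offline.
"""
import ipaddress
from urllib.parse import urlsplit

# Constructed allow-list of where the proxy may forward traffic.
ALLOWED_HOSTS = {"app.example.internal", "api.example.com"}

# Cloud instance metadata services: the classic SSRF-to-credentials target.
METADATA_HOSTS = {
    "169.254.169.254",           # EC2 IMDS, IPv4
    "fd00:ec2::254",             # EC2 IMDS, IPv6
    "metadata.google.internal",  # GCE
}


def host_is_internal(host: str) -> bool:
    """True if host is an IP literal in a private, loopback, link-local or reserved range."""
    try:
        ip = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return False  # a hostname, not an IP literal
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved


def vulnerable_target(url: str) -> str:
    """The unsafe pattern: forward to whatever the client asked for."""
    return url


def safe_target(url: str) -> str:
    """Return url only if its destination is allow-listed and not internal."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = (parts.hostname or "").lower()   # hostname strips IPv6 brackets
    if host in METADATA_HOSTS or host_is_internal(host):
        raise ValueError(f"destination blocked: {host}")
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"destination not on allow-list: {host}")
    return url


def find_metadata_requests(log_lines):
    """Return (client_ip, url) for each forwarded request aimed at a metadata host.

    Constructed log format: "<client_ip> <method> <url> <status>".
    """
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed line, skip rather than crash the sweep
        client, url = fields[0], fields[2]
        host = (urlsplit(url).hostname or "").lower()
        if host in METADATA_HOSTS:
            hits.append((client, url))
    return hits


# Constructed sample log: one benign request, one request for role credentials.
SAMPLE_LOG = [
    "203.0.113.7 GET http://api.example.com/v1/health 200",
    "203.0.113.7 GET http://169.254.169.254/latest/meta-data/iam/security-credentials/ 200",
    "garbage line",
]

if __name__ == "__main__":
    for url in ("https://api.example.com/v1/health",
                "http://169.254.169.254/latest/meta-data/iam/security-credentials/"):
        try:
            print("forwarded:", safe_target(url))
        except ValueError as exc:
            print("refused:", exc)
    print("metadata hits:", find_metadata_requests(SAMPLE_LOG))
```

Two caveats a practitioner would add. A URL-only check can be bypassed by a hostname that resolves to the metadata address (DNS rebinding), so the resolved IP should be checked again at connect time, and the allow-list is the control that actually closes that gap. Independently of the application, AWS now lets an instance be configured to require IMDSv2, whose token request must be a PUT with a hop limit, which a plain forwarded GET cannot satisfy.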

For this Deep Dive into the Capital One data breach, host Lieuwe Jan Koning is joined by CISO Tim Timmermans and Threat Intel Specialist Luca Cipriano of ON2IT.

As Luca walks us through the steps the attacker took and what methods they used to circumvent and evade internal security measures, Tim shows what measures could have been taken and what controls should have been in place.

Tune in for this Deep Dive to find out more!


Stay up-to-date on cybersecurity threats

Subscribe to our Spotify channel for deep dives into the dynamic world of cybersecurity. Stay informed, and stay secure!
