Deep Dive – Capital One Data Breach
Capital One Data Breach
Compliance-induced false sense of security Capital One—a leader in finance—learned the hard way that even compliant systems can fail if they’re not configured correctly. In our latest Threat Talks episode, we explore how a simple misconfiguration in their web application firewall (and a hacker with insider knowledge) led to over 100 million credit applications being leaked. For this Deep Dive into the Capital One data breach, host Lieuwe Jan Koning is joined by Tim Timmermans (CISO ON2IT) and Luca Cipriano (Threat Intel Specialist CTO ON2IT) as they reveal how this could happen, and what lessons we can all learn from it. How do you make sure you catch misconfigurations? And what other steps can you take to protect yourself against data breaches?Infographic
For a complete overview of the Capitol One Data Breach and other attacks featured in the Bridging the Gap: Compliance and Security Threat Talks; download the infographic.Your cybersecurity experts
Lieuwe Jan Koning
Co-Founder and CTO, ON2IT Group
Rob Maas
Field CTO, ON2IT
Tim Timmermans
CISO the Netherlands, ON2IT
Episode details
How insider knowledge was used against AWS
In August 2019, a former Amazon employee was arrested for orchestrating a data breach that exposed over 100 million consumer credit applications at Capital One. Despite adhering to industry regulations like PCI DSS, Capital One’s reliance on cloud security created a dangerous blind spot. A misconfigured web application firewall (WAF) on AWS left them vulnerable to a Server-Side Request Forgery (SSRF) attack, which evaded their internal security measures and led to one of the largest data breaches in history.
For this Deep Dive into the Capital One data breach, host Lieuwe Jan Koning is joined by CISO Tim Timmermans and Threat Intel Specialist Luca Cipriano of ON2IT.
As Luca walks us through the steps the attacker took and what methods they used to circumvent and evade internal security measures, Tim shows what measures could have been taken and what controls should have been in place.
Tune in for this Deep Dive to find out more!
Stay up-to-date on cybersecurity threats
Subscribe to our Spotify channel for deep dives into the dynamic world of cybersecurity. Stay informed, and stay secure!