What’s in someone else’s wallet may not be Capital One’s advertising slogan, but it may describe your personal information following the 2019 disclosure of a major data breach at Capital One affecting more than 100 million of its American customers and 6 million of its Canadian customers.  Capital One is the third biggest credit card issuer in the United States.  The stolen information was contained in credit card applications that were accessed by Paige A. Thompson who formerly worked for Amazon Web Services which hosts the Capital One data base.  Thompson was convicted of criminal charges related to the hacking of Capital One.

The most sensitive information stolen was a million Canadian Social Insurance numbers which are the equivalent of American Social Security numbers.  Ms. Thompson also stole 140,000 Social Security numbers.  According to the FBI, Ms. Thompson obtained the sensitive data by exploiting a misconfiguration of a firewall on a web application that enabled her to access the server used by Capital One to store the data.

In the Scam of the day for August 18, 2022 I reported that the class action brought on behalf of the victims of the data breach had been settled. If your filed a claim pursuant to the class action, you  ‘EpiqPay.’ began sending emails  to eligible claimants last week.  ‘EpiqPay’ is a trusted digital payment platform delivering the settlement payments.


So what can you do now to protect yourself from future data breaches that will inevitably occur.

If you have not yet frozen your credit with each of the three major credit reporting agencies, Equifax, Experian and TransUnion, you should do so now to protect yourself from possible identity theft. it is free and easy to do.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:

One of the biggest lessons from the myriad of data breaches is to make sure that you use unique passwords for every online account that you have in order to avoid having a sensitive account, such as your online banking account compromised because you use the same password as you do for another relatively meaningless account that had poor security which led to a data breach in which your password was stolen.

Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address on the tab that states “Sign up for this blog.”