Corporate credit card data was not exposed in the massive Capital One data breach that came to light earlier this week, according to Business Travel News reports.
The publication said this week that Capital One confirmed commercial cards were not affected by the breach, which exposed the personal data of more than 100 million customers and applicants of Capital One cards in the U.S. Six million consumers in Canada had their data exposed by the hack.
While customers of Capital One’s commercial banking division were not affected, reports noted that small business customers were affected by the breach.
Names, addresses, email addresses, dates of birth and phone numbers were all exposed, including the Social Security Numbers of 140,000 U.S. customers, and 1 million Canadian Social Insurance Numbers.
Former Amazon Web Services employee Paige Thomson, 33, of Seattle, has been arrested by the Federal Bureau of Investigation on suspicion on carrying out the data breach. Capital One uses the cloud hosting services of AWS.
The data breach also prompted a class action lawsuit, an investigation by the New York attorney general, and new efforts by U.S. senators within the Senate Banking Committee to probe the matter. Capital One is facing criticism for failing to detect the data breach until it received a tip nearly four months after it occurred; the bank is also facing criticism for failing to make the data breach public until two weeks after it learned of the incident.
While it is unclear exactly how many small businesses had data compromised in the hack, separate reports in Small Business Trends on Wednesday (July 31) noted that the hack effects individuals and small businesses that applied for a Capital One card between 2005 and early 2019. Experts are urging both consumers and small businesses to be proactive at protecting their data and monitoring their credit reports with all three agencies, the publication noted.