UniCredit: No Proof That Cap One Accessed Customers’ Data

UniCredit, in a memo to its staff on Thursday, said that an internal investigation showed no evidence that a recent data breach at Capital One involved any of its own data, according to a report by Reuters.

Authorities investigating the case are trying to find out if the alleged hacker, Paige Thompson, hacked any other entities. She is thought to have stolen data on more than 100 million Capital One customers from an Amazon cloud service.

UniCredit said it was launching its own investigation after its name came up in a screenshot published by Krebs On Security in which Thompson claimed to hack other companies.

A source briefed on the issue said that UniCredit doesn’t store customer data on any Amazon servers.

Among the companies listed by Krebs on Security in the screenshot are software company Apperian, Ford, Global Garner, Identiphy, UniCredit and Infoblox.

The website reached out to many of the companies, and it heard back from Infoblox.

“Infoblox is aware of the pending investigation of the Capital One hacking attack, and that Infoblox is among the companies referenced in the suspected hacker’s alleged online communications,” the company said. “Infoblox is continuing to investigate the matter, but at this time there is no indication that Infoblox was in any way involved with the reported Capital One breach. Additionally, there is no indication of an intrusion or data breach involving Infoblox causing any customer data to be exposed.”

Capital One Chairman and CEO Richard D. Fairbank said that he doesn’t think any of the stolen information was used maliciously.

“Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual,” Fairbank said. “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”