Talk:Capital One

Split proposed
The 2019 security breach has so much information, including an ongoing trial, that it should be its own article. I propose 2019 Capital One security breach. Due to a conflict of interest, I will not be able to make this split myself, but I encourage editors without a COI to do so. White 720 (talk) 16:47, 8 June 2022 (UTC)


 * As a consumer with no COI, I think this should stay right here. 74.102.1.100 (talk) 21:20, 21 January 2024 (UTC)

COI edit request
ONECapitalOne (talk) 03:52, 12 January 2024 (UTC)
 * Specific text to be added or removed: REMOVING: Capital One publicly acknowledged on July 29, 2019, that they had found unauthorized access had occurred ten days earlier by an individual who had breached the account and identity security of 106 million people in the United States and Canada.[96] REPLACE WITH:  On July 17, 2019, a GitHub user saw a post about a possible theft of information from Capital One [*]. That user notified Capital One, and the company then investigated [*]. On July 19, after determining that there had been an intrusion, Capital One notified the FBI [*].
 * Reason for the change: Taken out of context
 * References supporting change: https://www.justice.gov/usao-wdwa/united-states-v-paige-thompson

The source provided is a Primary Source. This is not sufficient for supporting the edits requested. Please find a non-primary source to support the requested content change. cheers. anastrophe, an editor he is. 04:40, 12 January 2024 (UTC)


 * The case summary is indeed extracted from the case documents. However, a press release about the case would be a secondary source, and anyway is a source perfectly acceptable on Wikipedia. Note that we use secondary sources primarily in order to avoid bias often inherent in primary sources. Here, in the DoJ press release, the risk of bias is negligible. — kashmīrī  TALK  04:58, 12 January 2024 (UTC)
 * That said, I somehow fail to see why the current wording would be problematic. It summarises the developments well without going into irrelevant details, doesn't it? — kashmīrī  TALK  05:02, 12 January 2024 (UTC)
 * A press release from an organization that is reporting about it's own work is also a primary source. But your final comment pretty much hits the nail on the head - they aren't important details. cheers. anastrophe, an editor he is. 05:31, 12 January 2024 (UTC)
 * Thank you for your feedback. With these edits we were attempting to clarify the situation in the article. I figured a case summary from the US Attorney's office would suffice as a secondary source, or that it would at least be sufficient in the sense of reliability, but I understand your perspective. I found this article, as well. Would this meet the secondary sourcing guidelines? There are others as well, but I don't want to spam this Talk page with links. ONECapitalOne (talk) 20:05, 31 January 2024 (UTC)


 * Well, I've looked over the gizmodo article, re-read the DOJ press release, and the original sourcing via Capital One's 'FAQ' page archived at archive.org, and I still don't see what material difference these small details make. Your original request stated "Reason for the change: Taken out of context" - but the opening text is true and correct. What you're requesting be removed does not appear to be taken out of context. At best (worst?), your edits could be additions after the text you requested be replaced. But these details are so minor I still fail to see their value. The article could stand to be updated to acknowledge the final judgement in the case, but my interest in the matter isn't great enough to motivate me to put in that effort. Perhaps another editor will be inclined to do so. cheers. anastrophe, an editor he is. 03:14, 1 February 2024 (UTC)

COI edit request 2/26/24
ONECapitalOne (talk) 11:16, 26 February 2024 (UTC)
 * Specific text to be added or removed: "In 2022, Thompson was convicted of five felonies and two misdemeanors. She was sentence to time served and five years of probation."
 * Reason for change: Provides important context with verifiable information
 * References supporting change: https://www.bankinfosecurity.com/prewrite-do-publish-capital-one-hacker-receives-tk-years-sentence-a-20189
 * I have reviewed these proposed changes and suggest that you go ahead and make the proposed changes to the page. Zippybonzo &#124;  talk  &#124;  contribs  (they/them) 08:23, 27 February 2024 (UTC)

COI edit request 3/12/24

 * Specific text to be added: under Capital One response, REMOVE: "Critics lambasted the bank's effort to downplay the hack while investigations were ongoing, and described the bank as more concerned about its image than the needs of its clients. Several Capital One customers stated that the first time they heard about the hack was through the media and the bank did not disclose the breach or explain its implications to affected customers." REPLACE with: Capital One was alerted to the incident on July 17, 2019. The FBI arrested and charged Paige Thompson within ten days of that alert, and on July 29, Capital One issued a press release about the hack. At that time there was also a banner on Capital One’s website that directed customers to a fact sheet and FAQ page, though several Capital One customers stated the first time they heard about the hack was through the media."
 * Reason for change: existing copy is inaccurate, and there is no citations to support critics "lambasting" Capital One. Replacing text explains clearly and concisely the chain of events, and what Capital One said publicly.
 * References supporting change: https://slate.com/technology/2019/07/capital-one-hack-no-customer-notification.html Thank you. ONECapitalOne (talk) 14:59, 12 March 2024 (UTC)
 * I have removed the unsourced claim which says Critics lambasted the bank's effort to downplay the hack while investigations were ongoing, and described the bank as more concerned about its image than the needs of its clients, and have expanded the section with citations to reliable sources. House Blaster  (talk · he/him) 19:23, 24 March 2024 (UTC)

COI Edit Request 4/12/24
*Specific Text to be Added: under Federal Reserve Action, REPLACE with:

On August 6, 2020, the Federal Reserve Board of Governors announced a cease and desist order against Capital One resulting from the breach. The order mandated, among other things, several actions for Capital One to comply with for risk management.

In 2023, the Federal Reserve terminated that 2020 order, stating the matter to be resolved. A separate consent order from the Office of the Comptroller of the Currency (OCC) was terminated in 2022, with the OCC reporting that “the bank had reached a level of safety and soundness no longer requiring extra oversight.”

*Reason for change: Attributable citations support the matter was resolved and terminated to Federal Reserve and OCC standards.

*References supporting change:

https://www.federalreserve.gov/newsevents/pressreleases/files/enf20200806a1.pdf

https://www.bankingdive.com/news/fed-terminates-capital-one-2020-enforcement-action-data-breach-aws-paige-thompson-occ-106-million/686725/

https://www.bankingdive.com/news/capital-one-occ-consent-order-2019-data-breach-106-million-customers-paige-thompson-aws/632143/

Thank you. ONECapitalOne (talk) 11:43, 12 April 2024 (UTC)


 * Your supplied source didn't support the stating the matter to be resolved bit. I wrote a more concise version. - DrOrinScrivello (talk) 18:22, 8 May 2024 (UTC)
 * Also, as another editor told you on your talk page back in January, your username implies shared use, which is not allowed on Wikipedia. Please visit WP:RENAME for information on how to change it to something indicating there's only one person using the account (e.g. JohnDoeCapitalOne). DrOrinScrivello (talk) 18:31, 8 May 2024 (UTC)

COI Request 6/2/2024
*Specific Text to be Added: Capital One began offering free credit monitoring services and identity protection to those affected by the breach. It was ultimately determined there was no evidence the data was shared by Thompson.
 * Do you have a source for identity protection? That was not in the citations you provided. I'll look around too.

*Specific Text to be Added: In 2022, Thompson was convicted of five felonies and two misdemeanors. She was sentenced to time served and five years of probation. She was also subject to location monitoring for three years and her use of computers and the internet was subject to federal monitoring.
 * ✅ with some edits

*Specific Text to remove:

Forensic analysis determined Thompson's actual hacking activity occurred in March 2019, then she posted the information to different outlets over the next three months. In April she posted a trove of leaked data along with instructions on how to access the company's credentials for more data extraction. In July a white-hat alerted Capital One to Thompson's hacking activity. Thompson pleaded not guilty to charges of wire fraud and computer fraud and abuse. During the investigations and subsequent data freeze, millions of Capital One accounts were locked; their owners were unable to process financial transactions, meet payments, or gain access to their financial records.

and replace with:

In 2019, Thompson started scanning IP addresses hosted by AWS for misconfigured web application firewalls. She accessed approximately 30 AWS accounts, one of which belonged to Capital One. Other affected accounts belonged to the Transportation Security Administration, Vodafone, Michigan State University, and Digital.ai. Thompson used her illegal access to plant Ethereum cryptocurrency-mining software. She was also able to access internal cloud computing resources in some cases, and then ultimately acquired security credentials and could log into the AWS accounts.

Reason for changes: more specific about events and context; changes to 'Details of the breach' provide specific details and remove redundancies of Thompson's activity and sentencing.

References supporting changes:

https://ir-capitalone.gcs-web.com/static-files/ab51222c-48d5-411e-aa54-495e95e25024

https://www.bankinfosecurity.com/prewrite-do-publish-capital-one-hacker-receives-tk-years-sentence-a-20189

Thank you. ONECapitalOne (talk) 22:55, 2 June 2024 (UTC)


 * Hi @ONECapitalOne, taking a look at this. Couple notes:
 * 1. The SEC filing is good source but what exactly is it supporting? I don't want to read 281 pages ;)
 * 2. I think I can add the text above without issue
 * 3. There's definitely some useful additional context and content you've supplied, but I think we should fold that in rather than blank and rewrite, unless there is something inaccurate or unsourced about the way things are written right now.
 * -- FeldBum (talk) 16:23, 5 June 2024 (UTC)
 * @FeldBum Thank you for your response, and for the edits you have already made. Responses below:
 * The filing is a supporting citation to the fact there was no evidence the data was shared by Thompson. Additionally, regarding the "identity protection" phrase, this was covered in publications after the breach was publicized: https://www.nbcnews.com/business/consumer/how-protect-yourself-after-capital-one-data-breach-n1036076 https://consumer.ftc.gov/consumer-alerts/2019/07/capital-one-data-breach-time-check-your-credit-report 2. Thank you for reviewing and implementing. 3. Folding in is a reasonable solution; we will defer to you and other editors on how that information should be organized and published.
 * Thank you for reviewing this request, and for your thoughtful feedback. ONECapitalOne (talk) 22:22, 12 June 2024 (UTC)
 * No problem @ONECapitalOne. Let me read those sources and see what I can add. -- FeldBum (talk) 02:23, 14 June 2024 (UTC)
 * I added in Identity Protection. Working on the rest now. -- FeldBum (talk) 17:15, 24 June 2024 (UTC)