Capital One Data Breach: Who’s In Your Wallet?

Advertiser Disclosure

Last updated on April 5th, 2023

Capital One’s slogan of “What’s in your wallet?” may need an upgrade thanks to the data breach that was reported this week. Who’s in your wallet?

If you’ve seen the news lately, you may have heard about what’s considered to be one of the biggest data breaches in US history to date: a hacker gained access to the personal information of over 106 million individuals who applied for credit through Capital One. Personal data including self-reported income and birth dates were compromised, and approximately 140,000 Social Security numbers, and 80,000 bank account numbers were also stolen. The Virginia-based lender stated that they saw the vulnerability in its system on July 19th, and immediately contacted the FBI and law enforcement; the perpetrator has reportedly been arrested in Seattle. It’s estimated that the hack took place between March 12 and July 17 of 2019; Capital One has stated that it is unlikely that the information that was swiped has been used for fraud, but investigations are still ongoing. Capital One has also said that it appears that the data stolen dates back to 2005, so this breach may affect customers who have not applied for a Capital One card recently. This isn’t the first major data breach to affect credit card users in the United States; in 2017, Equifax saw hackers breach their system and steal the personal information (including Social Security numbers and home addresses) of almost 148 million Americans between May and July of that year. The Capital One breach coincides with an FTC (Federal Trade Commission) and Consumer Financial Protection Bureau settlement with Equifax, who will be required to pay at least $575 million as recompense for what was widely considered a preventable breach. Capital One may soon find itself in the same boat once the dust settles, but in the meantime, what can we do to protect ourselves when we learn that a credit issuer, bank, or bureau that we use has had a data leak?

How To Beef Up Personal Data Security

Our experts recommend five immediate steps to take in order to protect yourself when you’ve experienced credit card fraud. These steps are also important to consider when you’re the victim of a hack like the one Capital One is currently dealing with, but there’s more you can do to protect yourself. Contact Capital One immediately if you bank with them to see if you’re affected by this. If you think your data may have been exposed thanks to this data breach and you’re unsure of what to do next, is here to help! We break it down for you:

1) Freeze Your Credit

Security experts agree that a credit freeze is the best recourse to take as a first step in the event that your personal information may have been stolen thanks to a data breach like the one Capital One has experienced. Often, you’ll read that the first step should be a fraud alert, but a credit freeze is actually much more effective.

What’s a credit freeze? A credit freeze prevents loans and other services from being opened in your name without your consent. Freezing your credit does not affect your credit score, and it’s now a free service provided by each of the three credit-reporting bureaus that can be accessed either online or over the phone. In order to freeze your credit, the FTC says you’ll need to gather your name and address, date of birth, Social Security number, and other personal information. Once you’ve contacted each credit bureau, you’ll receive a unique PIN which can be used to reverse your credit freeze the next time you need to apply for credit.

After a data breach of this sort, this option is more effective than a fraud alert, since a fraud alert is simply a red flag that alerts the company you’re banking with that you may have been the victim of fraud, while a credit freeze actually prevents anyone from using your data to apply for credit in the first place. It’s best to both freeze your credit and alert the issuer about possible fraud

2) Change Your Passwords

Perhaps the easiest step to take to protect yourself is to change the passwords for the accounts you think may have been compromised. Not only can you make it that much more difficult for someone to access your account, but you can also create a stronger password while you’re at it. Many people opt for passwords that are easy to remember, and use them across different platforms so they don’t have to remember individual logins – but this also means that many of our passwords are also easy to guess. Update your password and consider using a password aggregator that features a random generator such as LastPass, Keeper, Dashlane, or KeePass. These services will help you to generate unique, complex passwords that will be difficult to guess and keep thieves away from your personal data.

3) Be Wary of Scams

In the wake of a hack of this magnitude, crooks and cons will often try to capitalize on the confusion that inevitably follows a data breach. This means that there may be an uptick in the number of Phishing attacks, as ne’er-do-wells may pose as legitimate, trusted companies in an attempt to collect additional information to be used for fraud. Ignore unsolicited requests for information – personal or otherwise – and be wary of clicking links that are sent to your email by accounts that may present themselves as genuine. If the card issuer or bank doesn’t request to contact you directly, don’t respond to the email. Capital One has asked that any consumers who believe they receive a fraudulent email that is phishing for data to forward the email to: [email protected]. Remember, it pays to be vigilant, so if you receive an email (or a phone call) and you’re not sure if it’s a legitimate request or if you’re suspicious, contact your bank or the company that is claiming to contact you so that you can ensure you’re not accidentally giving away personal information. Another easy way to monitor your accounts is to sign up for credit monitoring. Credit monitoring services can help you keep an eye on your accounts by sending you alerts when any account is opened in your name, or even in the name of a family member. There are free sites, like Credit Karma, that offer complimentary credit monitoring, but for services that are more thorough, you’ll end up paying anywhere from $10 to $30 each month. When you consider the alternative, this may be worth it. Only time will tell just how much data was compromised in the Capital One breach. If you recently applied for a Capital One card, or you have an account with Capital One, you may be anxious to find out more. Follow the above steps to ease your mind, and make sure you contact a representative at Capital One to find out what they can do to help with this process.

Editorial Disclosure – The opinions expressed on's reviews, articles, and all other content on or relating to the website are solely those of the content’s author(s). These opinions do not reflect those of any card issuer or financial institution, and editorial content on our site has not been reviewed or approved by these entities unless noted otherwise. Further, lists credit card offers that are frequently updated with information believed to be accurate to the best of our team's knowledge. However, please review the information provided directly by the credit card issuer or related financial institution for full details.

About: BestCards Team
BestCards Team

The team is made up of individuals who are full of insight, expertise, and advice in all things related to credit cards and personal finance. We're everyday people, just like you, and our goal is to help you navigate this important part of your life with confidence and ease.
If you have questions or need advice on specific topics, you can always reach out to us via our Contact page.

Advertiser Disclosure

BestCards is an independent, Florida-based credit card comparison platform. Many of the card offers that appear on this site are from companies from which BestCards receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear). BestCards does not include all card companies or all card offers available in the marketplace.