Just over a year ago, after an Amazon employee accessed a vulnerable S3 bucket, Capital One experienced one of the biggest data breaches of 2019. The Amazon employee stole over 100 million customers’ social security numbers, bank account information, and credit card applications.
The Amazon employee was arrested shortly after the incident and charged with one count of computer fraud and abuse. Her trial is scheduled to begin next February. But at the broader organization level, the repercussions and consequences are well underway. We learned yesterday that Capital One has agreed to pay an $80 million fine and enter into a consent order with the Office of the Comptroller of the Currency (OCC), the independent bureau within the Department of the Treasury that regulates and supervises national banks.