The data breach at Capital One could be, according to security researchers, the "tip of the iceberg" and affect other large companies.
Israeli security company CyberInt said Vodafone, Ford, Michigan State University, and the Ohio Department of Transportation may also have been victims of the same data breach that stole more than 106 million loan applications and files from a cloud server Operated by Capital One by a suspected hacker, Paige Thompson, a resident of Seattle who was inducted into the FBI custody earlier this week.
Former reports from Forbes and security reporter Brian Krebs indicate that Capital One may not have been the only company involved in this major US university, "Slack said.
The same news was published in a CyberInt report released Wednesday. "Other victims can be derived from filenames," the report says, including Apperian, Infoblox, and Wakoopa.
The Department of Justice stated that Thompson may face additional charges – suggesting that other companies might have been involved. The Ohio Department of Transportation said it was working with the FBI to "determine what, if anything, it was accessing," said spokeswoman Erica Hawkins. "At the moment, however, we can confirm that the information in the referenced file contained only publicly available data and no private information was stored there," she said.
Monique Brentley, spokeswoman for Ford, told TechCrunch that this is an investigation into the situation to determine if Ford information is involved.
Meanwhile, Vodafone spokesman Adam Liversage said the telco giant was "not aware of the data" stolen in the infringement of Capital One.
And a Michigan State University spokesman said he had hundreds of threats and attacks on our system "and said it was" hard to know if you were the alleged hacker from the Capital One situation recently. "
" said spokeswoman Emily Guerrant.
The Capital One hack is the most significant data breach this year, stealing data from an Amazon Web Services-based storage area that has more than 140,000 Social Security numbers and over one million Canadian Social security numbers and other personal information included A third party who has reportedly seen allegations by the alleged hacker and boasts of the theft.
Security researcher John Wethington told TechCrunch based on public information – including the Slack channel – in which the suspected hacker was a member – other companies would probably have stolen data.
"Based on information gathered from publicly available information about the alleged hacker accounts GitHub and GitLab, as well as public information from Slack, wi It is clear that organizations like Ford, Vodafone and others may be victims of what appears to be a huge hacker for sensitive data, "he said.
At the time of writing, Thompson faces five years in prison and a fine of up to $ 250,000.