FILE PHOTO: The Capital One logo and ticker are displayed on a screen on the New York NYSE floor New York Stock Exchange (NYSE), New York, USA, May 21, 2018. REUTERS / Brendan McDermid / File Photo  30th July 2019
By David Henry
(Reuters) – Capital One Financial Corp.'s
Capital One announced the day before that 1
The bank expects the incident this year to cost $ 100 to $ 150 million, some of which may be covered by a comprehensive insurance policy. It was also confirmed the previous forecast that the operational efficiency would improve.
However, investors are concerned about the scale of the breach, the reputational impact of Capital One and the likelihood of additional costs.
"We are skeptical Management's implication that a problem of this magnitude does not affect profit expectations and efficiency expectations," wrote John Pancari, ISC analyst at Evercore.
Analysts pointed to the legal costs and possible regulatory sanctions Capital One might face.
Two class action lawsuits were filed on federal courts on Tuesday, and New York and Connecticut Attorney Generals each said their offices would start considering the matter. Some legislators also issued statements criticizing Capital One or calling for stricter data protection legislation.
The breach resulted from Capital One's decision to save data in the cloud unit of Amazon.com Inc (19459008) named Amazon Web Services (AWS). A former employee named Paige Thompson was able to access his data. She was charged with computer fraud by the Seattle Attorney's Office and appeared in court for the first time on Monday. Instead, it attributed the violation to a "misconfiguration" outside the cloud.
Capital One attributed the problem to a bug in their own infrastructure. The bank was an avid user of external cloud services where executives performed or promoted AWS events.
The Amazon share closed on Tuesday at 0.7%.
Capital One had no immediate answer to Reuters questions about its technological vulnerabilities on Tuesday. However, analysts said that confidence in a third party would be re-examined.
The incident "raises questions about how best to monitor and protect customer information," said Morgan Stanley analyst Betsy Graseck.
"Today's revelation reminds investors of the confidence that financial institutions bring to their customer-facing employees and the risk of outsourcing part of the customer-centric business. "
It expects stocks to remain under pressure as investors question whether stocks are under pressure Bank has other cloud-based vulnerabilities and whether there will be additional regulatory investigations and costs ,
(Reporting by David Henry to New York; Additional coverage by Supantha Mukherjee and Kanishka Singh in Bengaluru and Jonathan Stempel in New York; writing by Lauren Tara LaCapra; edited by Nick Zieminski and Matthew Lewis)