Attorney General Letitia James released the following statement following news that Capital One’s system was breached, and that the personal information of 100 million consumers was illegally accessed:
“One-hundred million consumers across America are wondering if they were unfortunate enough to be a victim of the most recent data breach. Though Capital One’s breach was internal, the fact still remains that safeguards were missing that allowed for the illegal access of consumers’ names, Social Security numbers, dates of birth, addresses and other highly sensitive, personal information.
“It is becoming far too commonplace that financial institutions are susceptible to hacks, begging the questions: Why do these breaches continue to take place? And are companies doing enough to prevent future data breaches?
“My office will begin an immediate investigation into Capital One’s breach and will work to ensure that New Yorkers who were victims of this breach are provided relief. We cannot allow hacks of this nature to become everyday occurrences.”
Last week, James led a nationwide announcement providing restitution to the more than 147 million consumers affected by the breach of Equifax Inc. in 2017.
Additionally, James last week applauded the signing of the Stop Hacks and Improve Electronic Data Security Act — a legislative priority of the Office of the Attorney General during the 2019 session — into law. This major overhaul of data security laws expands the trigger for data breach notifications, requires all companies that collect or store personal information to maintain appropriate safeguards and broadens the Attorney General’s oversight and ability to fine companies for failure to protect personal information.