One of Italy’s most well-known banks, UniCredit, said that it was going to start its own probe into the Capital One data breach, according to Reuters.
“On July 30, UniCredit became aware that its name has been mentioned in relation to the Capital One issue,” the bank said in a statement on Wednesday (July 31). “UniCredit has contacted the relevant authorities and is actively investigating the matter.”
The data breach affected more than 100 million people, and the alleged perpetrator was quickly arrested.
Software engineer Paige Thompson, 33, allegedly boasted online about the hack and left crumbs for investigators to follow, The New York Times reported. Thompson formerly worked for Amazon Web Services, which hosted the Capital One database that was breached.
Seattle-based Thompson was charged with one count of computer fraud and abuse following her arrest on Monday (July 29).
“I’ve basically strapped myself with a bomb vest,” Thompson wrote in a Slack post, according to prosecutors, “dropping capital ones dox and admitting it,” the NYT said.
The FBI noticed her activity on a Meetup she organizes called Seattle Warez Kiddies, which is for people into “hacking, cracking.” This led a GitHub post and to the incriminating Slack message and Tweet. Online, she used the name “erratic.”
The response was swift by lawmakers and citizens alike.
On Tuesday (July 30), New York Attorney General Letitia James said her office was going to start investigating the data breach immediately, according to Reuters. The attorney general said it’s become “far too commonplace” for financial firms to experience hacks of this type. And she wants to make sure that people affected in her state are going to be taken care of.
James was instrumental in the settlement with Equifax over a data breach that affected 147 million consumers. Equifax has said it will recompense anyone affected by the breach, with conditions.
Also on Tuesday, a man affected by the Capital One breach filed a lawsuit against the firm. Kevin Zosiak, who lives in Stamford, Connecticut, and whose personal information was compromised in the data breach, filed the suit in federal court in Washington, D.C., Reuters reported. The suit is seeking class-action status.