The Capital One data breach that affected millions and spawned an investigation by the New York attorney general as well as a class-action lawsuit, has a new set of detractors: U.S. lawmakers.
The Hill is reporting that Sen. Ron Wyden of Oregon, who is the top Democrat on the Senate Committee on Finance, tweeted his displeasure about the news.
“I’m sick of waking up to headlines revealing that millions of Americans had their information stolen because a billion-dollar company failed Cybersecurity 101,” he said. “Corporations will only take Americans’ privacy seriously when CEOs are held personally accountable.”
A spokesperson for Senate Banking Committee Chairman Mike Crapo of Idaho said the group “is looking into the matter and will investigate it further, especially in light of Sen. Crapo looking at legislation on data privacy and safeguards.”
Ranking committee member Sen. Sherrod Brown of Ohio said the committee would have his support if it held hearings to look into the incident.
“I support making them responsible and hopefully more contrite than Equifax was,” Brown said.
On Tuesday (July 30), New York Attorney General Letitia James said her office was going to start investigating the data breach immediately, according to Reuters. The attorney general said it’s become “far too commonplace” for financial firms to experience hacks of this type. And she wants to make sure that people affected in her state are going to be taken care of.
James was instrumental in the settlement with Equifax over a breach that affected 147 million consumers. Equifax has said it will recompense anyone affected by the breach, with conditions.
Also on Tuesday, a man affected by the Capital One breach filed a lawsuit against the firm. Kevin Zosiak, who lives in Stamford, Connecticut, and whose personal information was compromised in the breach, filed the suit in federal court in Washington, D.C., Reuters reported. The suit is seeking class-action status.
The data breach affected 100 million people in the U.S. and 6 million in Canada. About 140,000 Social Security numbers and 80,000 bank account numbers were compromised.