McLEAN, Va. – Capital One announced on Monday that a hacker accessed about 100 million credit-card applications filled out between 2005 and 2019. What if yours was among them?
The hacker also stole 140,000 Social Security numbers and 80,000 bank-account numbers. In the aftermath of the breach, cybersecurity expert Marty Puranik, chief executive of cloud-hosting company Atlantic.net, said folks need to be even more vigilant to protect against fraud and identity theft. He recommended signing up for an online service that provides credit monitoring.
"It will tell you how many inquiries are coming in against your credit," he said. "The reason that's important is, if you start seeing inquiries against your credit by companies you've never applied for a credit card with, then most likely somebody's trying to take advantage of your identity."
Puranik said it's also important to help family and friends who aren't as tech-savvy to make sure they take the same precautions.
McLean-based Capital One has 56 branches and dozens of ATMs across Virginia. The hack appears to be one of the largest data breaches ever to hit a financial services firm.
The data breach involved about 100 million people in the United States and 6 million in Canada. When it was announced, Capital One emphasized that no credit-card numbers or log-in credentials were compromised, but Puranik said that doesn't shield anyone from what is known as "secondary fraud."
"Nefarious people could also use this data to call, write, email you pretending to be an authority figure," he said, "trying to sell you credit monitoring or using the data that's already available to get additional data about you."
Puranik advised people never to give financial or identifying information to a stranger, and to only use official phone numbers for banks or credit cards from your credit monitoring service's website.
Capital One said the hacker was able to get such data as phone numbers, email addresses, dates of birth and self-reported income.
get more stories like this via email
April is Financial Literacy Month, when the focus is on learning smart money habits but also how to protect yourself from fraud.
One problem on the rise in the Southeast is the "impostor" scam, when scammers represent themselves as fake government agents or bogus businesses. They are really on the prowl for your cash and personal info, costing victims in North Carolina almost $190 million last year alone.
Natalya Rice, Southeast Regional attorney for the Federal Trade Commission, listed some key red flags to look out for.
"Utilizing a payment app, sometimes even cryptocurrency, things like that," Rice noted. "Anyone who contacts you from what seems like it could be a legitimate company or business, if they're asking you to send them money or some type of payment through one of these type of payment methods, that is a red flag that you're dealing with a scammer."
Other warning signs include requests to transfer your funds or even demands for a verification code to access an account. If you have concerns, Rice advised it is best to stop communication and contact the actual company directly. Still other scams big in the Southeast include online shopping, investments and job offers.
Nationwide, a record $10 billion was lost to scams in 2023.
More than 25,000 North Carolina residents reported possible identity theft last year. Rice recommends acting promptly when you realize or suspect you have been scammed. The first step is to contact your financial institution and report the incident to its fraud department. She added it is crucial to notify federal and state agencies for further investigation.
"You can go to reportfraud.ftc.gov and fill out a report there and let us know what happened," Rice noted. "In the state of North Carolina, there's also another place you'll want to report it to, and that's the North Carolina Attorney General's Office."
If you suspect your identity has been compromised, Rice stressed the FTC can assist you in developing a recovery plan. She added getting your money back is never guaranteed but the sooner a scam is reported, the sooner it can be investigated and other people can be warned.
get more stories like this via email
Advocates are cheering the General Assembly for legislation protecting Marylanders' data privacy and are calling on Gov. Wes Moore to sign the bill.
The Maryland Online Privacy Protection Act of 2024 would limit data collection by tech companies as well as their ability to bury unfavorable terms in complex license agreements.
R.J. Cross, director of the Don't Sell My Data Campaign for the Public Interest Research Group, said the new law is a win for consumers.
"No one reads those long privacy policies. They're often vague and full of legalese and so, hiding what a company wants to do with your data there is pretty duplicitous and not being consumer friendly," Cross contended. "The Maryland law takes a very different approach and said it's not enough; you can't just hide things in your fine print. You need to have good data practices that protect people upfront."
She pointed out the Maryland law would be one of the strongest in the nation. If Gov. Moore signs the bill, it would go into effect in October 2025.
The bill gives consumers the right to have some personal data deleted and places limits on the kind of widespread monitoring used to generate targeted advertising. Cross noted such data collection is common.
"A lot of our favorite websites and apps are gathering things like what you've searched for online, every website you visited, your location, maybe even your entire phone contact list," Cross outlined. "It has turned around and sold that information to companies that you've probably never even heard of."
With data breaches consistently making news, Cross added the bill will improve Marylanders' personal security.
"A lot of what this will do is limit how much data is being collected about you and sold, which will help your personal security in a big way," Cross explained. "The more data that companies collect about you, and the more they sell it to other companies, the more likely it's going to be exposed in a breach or a hack."
get more stories like this via email
Florida residents can now file their simple income-tax forms for free and save time through the Internal Revenue Service's Direct File pilot program. It's estimated the simplified filing process could eventually save Florida taxpayers more than $530 million in filing fees every year.
With the April 15 income-tax filing deadline right around the corner, Adam Ruben, vice president for campaigns and political strategy at the Economic Security Project, said you can easily use the program by visiting the website Directfile.IRS.gov.
"It's an interview-based questionnaire," Ruben said. "So it's something that people can use on their phones on their computers available in English and Spanish that asks people questions and pretty much plain language, and you fill in the answers. And it fills in the tax form for you."
Florida is one of a dozen states where IRS Direct File is a pilot project. If it were to expand nationwide and be available to more taxpayers, Ruben estimated that within five years, it could save Americans $8 billion in tax-preparation fees and another $3 billion worth of time annually.
However, opponents have argued that the government is wasting resources and will snag business from professional tax preparers and programs that have lobbied against Direct File.
Chris Moreno, director of financial capability for Catalyst Miami, a nonprofit that works with communities through a variety of free services, said a stress-free filing process that can be done from the comfort of your home or the convenience of your phone is worth taking advantage of.
"If you are an average worker who gets a W-2 - you're employed for a company, you don't own any companies or businesses - you'd probably be the ideal candidate for someone to be able to use Direct File this year," Moreno said.
While a free-file program has been available, many taxpayers were unaware they had access to it. An investigation by ProPublica revealed tactics by Intuit, maker of TurboTax, to cloud the free-file program.
And state auditors, comptrollers and treasurers in 18 states - including Florida - sent a letter in March to the federal government urging the termination of Direct File. They claimed it might lead to confusion about state tax filings, potentially resulting in penalties and loss of state refunds.
get more stories like this via email