A data breach can have serious financial and personal consequences. The credit card data of hundreds, if not thousands, of people can be stolen in a single incident. Cybercriminals who get their hands on credit card information can then use it to purchase items online or withdraw funds from bank accounts. So just for peace of mind, since Capital One has likely been overrun with inquiries, the company announced in BTN that its commercial card portfolio was not impacted by the recently announced data breach.
When we cover commercial cards in our research, our definition of the term is for products and solution in the mid-to-large market segments. Small business cards are covered separately. However, Capital One includes small business cards as part of the announcement.
“The massive data breach announced this week by Capital One did not affect the card issuer’s corporate cardholders, the company said. The breach exposed the personal data of more than 100 million consumers in the U.S. and 6 million in Canada. The hacker collected the bulk of that data from consumers and small businesses who applied for Capital One credit card products between 2005 and early 2019.”
Reading that one sees “from consumers and small businesses,” which implies that there is a contradiction, however, many small business owners prefer to use consumer credit cards for their business needs since these cards often provide different, and perhaps better, benefits than comparative business cards, depending on the customer preferences.
Capital One has a large business card portfolio in the range of 4 million cards, and a smaller commercial card portfolio for larger businesses. Typically these applications are managed through different channels, especially for corporate liability commercial cards.
“The compromised information includes names, addresses, email addresses, phone numbers and dates of birth, as well as 140,000 U.S. Social Security numbers and 1 million Canadian Social Insurance Numbers. The hack did not access card numbers or account login information, Capital One said. The company promised to notify affected individuals ‘through a variety of channels’ and offer free credit monitoring and identity protection to those affected.”
Overview by Steve Murphy, Director, Commercial and Enterprise Payments Advisory Service at Mercator Advisory Group
