It happened again. It's almost like living in a really depressing version of Groundhog Day, where instead of waking up and reliving the same day over and over, we're hearing the same story on a far-too-frequent basis: another data breach.

As my colleague Minda Zetlin wrote, a former Amazon employee managed to access the personal information of some 100 million people after hacking into Capital One's database hosted on Amazon Web Services (AWS) as a result of a firewall misconfiguration. That information included as many as 140,000 Social Security numbers and bank account information for another 80,000 customers, as well as 1 million Canadian Social Insurance numbers (the equivalent of Social Security numbers).

Capital One has said that no credit card numbers were included in the breach, and that login credentials and passwords also remained secure. It also says it quickly fixed the underlying issue.

The bigger question you're probably asking is, "How do I know if I'm affected?"

As always, the answer depends. Capital One said in a statement: "Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate."

In addition, the company shared the following information on the kinds of data that were accessed:

  • Personal information of customers who applied for a personal or small business credit product from Capital One between 2005 and 2019.
  • About 80,000 account numbers of current customers who have a bank account linked to their credit card.

If you fit those two categories, and your information was affected, Capital One says it will reach out directly to let you know. The company also says it will offer free credit monitoring and identity protection services to everyone affected.

In the meantime, especially in light of other recent breaches, it's probably a good idea to be proactive about protecting your information by taking a few common-sense steps. 

First, if you haven't already, it's time to take advantage of credit monitoring offered for free from services like Credit Karma, which will let you know when your information is used to open a new line of credit, or if an inquiry is found on your credit report. It also lets you know if your personal information is found in a database online.

You can also place a freeze on your credit files, which prevents anyone from using your information to open a new line of credit. All three major consumer credit bureaus allow you to do this online.

Freezing your credit can be inconvenient, since you will also be prevented from opening new credit until you call to have your file unlocked, but that inconvenience seems like a small price to pay compared to the hassle of cleaning up the mess if your information is misused.