Capital One breach exposed bank data for most vulnerable customers

The Capital One hack is of the largest data breaches ever — and among those affected are some of the bank’s most financially vulnerable customers.

The bank and the US Department of Justice revealed Monday that a hacker was able to access private data for more than 100 million Capital One customers. Social Security numbers, credit card applications, home addresses, credit scores, credit limits and balances were exposed.

The trove of data also included 80,000 bank account numbers, all of them for secured credit card customers.

Such credit cards are typically held by consumers with low credit scores or no credit history at all. That means many of those 80,000 customers could have a hard time recovering from an identity theft if their exposed data is used for ill.

It’s not yet clear if anyone’s identity was stolen as a result of the Capital One breach. The company said the vulnerability that allowed the hack, which occurred in March, has been fixed and that it’s “unlikely that the information was used for fraud or disseminated.” Capital One said it’s still investigating.

What this means for secured credit card customers

Secured credit cards are intended to help people build or rebuild credit: They’re offered to people with FICO scores in the mid-600s and below who likely have no other credit options. Banks require card holders to deposit cash equal to some or all of the card’s credit limit before they can start spending.

Many of the consumers who opt for a secured credit card are fresh off a personal crisis, such as a medical emergency, divorce or sudden unemployment that hammered their credit score, said Beverly Harzog, a credit card expert and analyst at