You can bet when a high-profile breach of this size and sensitive nature hits, the 4iQ team is hard-pressed, delving deep into investigative work. As we help clients and organizations understand how this malicious actor's activities might affect them, one thing is for certain. A whole lot more personal data has been exposed. Paige Thompson herself made it clear on the #netcrave Slack channel that Capital One wasn't the first and only hack. Tens of gigabytes of data from companies like Ford, Vodaphone, and more. 

Let's consider the fact that while she used Tor and a VPN for anonymity, she also left very public trails of her activities. As the "Why" part of the story continues unfolds, I can't help but pause and think about how many malicious hackers with the same capabilities are out there quietly exfiltrating sensitive data from numerous companies and organizations.  I don't have to go far for those answers. Seeing the influx of breached data from 4iQ's intelligence perspective gives me a pretty good idea. 

But the worry starts there, as I then imagine all the ways  breached data is leveraged, with unsuspecting victims at serious risk. At least customers of CapitalOne know (or will soon know) what has happened, and the company will help with preventative measures to protect them. 

As the buzz continues, I can't help but worry more about the breaches and leaks that quietly come and go unrecognized and unreported. And what we can do together as a community to fight data breaches related crimes.