Capital One Hit With $80 Million Fine, Cease & Desist Order, Over 2019 Data Breach

The Fed on Thursday announced a new fine imposed on Capital One for a massive data breach last year that impacted more than 100 million people. Within 90 days, the company must also submit a plan to the central bank showing how it will improve protection of customers’ personal information, along with an internal audit of the firm’s risk management protocols.

Capital One has also agreed to pay an $80 million fine to the Office of the Comptroller of the Currency over the major hacking incident, which occurred last year.

The Virginia-based bank and credit card issuer says it has taken steps to tighten security, even before the July 2019 arrest of the suspected hackers who pulled off the attack.

But under these orders, CO will be required to take additional steps.