Breach, Data Security

House Republicans ask Capitol One and Amazon for briefing on data breach


Republican members of the House of Representatives' Committee on Oversight and Reform this week sent open letters to both Capital One and Amazon, requesting that both companies arrange a briefing with Congressional staff members regarding Capital One's recently announced data breach.

Last Monday, McLean, Va.-based Capital One Financial Corporation publicly acknowledged that an unauthorized individual leveraged a misconfigured web application firewall last March to access the finance company's files, hosted on Amazon Web Services S3 servers. Paige A. Thompson, 33, a former AWS employee in Seattle, was arrested in connection with the breach, which affects 106 million individuals in the U.S. and Canada.

"The Committee regularly conducts oversight of data breaches at financial institutions," says a letter addressed to Capital One Chairman and CEO Richard Fairbank, signed by Jim Jordan (R-Ohio), committee Ranking Member; Michael Cloud (R-Texas); ranking member of the subcommittee on economic and consumer policy; and Mark Meadows, ranking member of the subcommittee on government operations. (R-N.C.) "To help us more fully understand Capital One's recent incident and its potential to affect millions of Americans, we ask that you please arrange for a staff-level briefing on the incident, its nature and scope, as well as Capital One's response to the disclosure."

The Republicans' other letter, which is addressed to Inc. CEO Jeff Bezos, expresses interest in AWS' current security protocols, and further notes that the Oversight and Reform Committee "may carefully examine the consequences of this breach" in light of the fact that AWS will be providing Internet connectivity and cloud support for the 2020 Census, and may potentially operate the Department of Defense's Joint Enterprise Defense Infrastructure cloud computer system. (The Pentagon is reportedly now reviewing its selection of Amazon for the latter project, after President Donald Trump expressed concerns that the bidding process was biased toward Amazon.)

Both letters request briefings no later than Aug. 15 of this year.

A report in The Hill yesterday said that Oversight and Reform Committee Chairman Elijah Cummings (D-Md.) also was interested in investigating the incident, noting that “our committee has a long and bipartisan history of investigating data breaches in the government and private sector, and we look forward to hearing more information about what happened from Capital One."

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.