Capital One Financial COF has agreed to pay $80 million in fine to U.S. banking regulator over a data breach incident that occurred last year. The cyberattack exposed personal information of 106 million credit card holders of the bank in the United States and Canada.
In the consent order, the Office of the Comptroller of the Currency (OCC) stated that Capital One did not “establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment.” The OCC also noted that even after concerns related to cyber security were raised during an internal audit, the top management didn’t take proper action.
Under the terms of the OCC order, Capital One is required to take adequate steps to ensure that its computer system has sufficient security and submit the plans for review. The company faces a similar oversight from the Federal Reserve.
Capital One in a