How to Prevent the Capital One Breach Aporeto Solution Brief
Capital One reported a data breach on July 30, 2019, that affected 106 Million customers and applicants, making it one of the largest data breaches of a big bank. The attacker, Paige Thompson, former Amazon employee, is accused of exploiting a common security vulnerability in a misconfigured Capital One web application firewall (WAF) to access customer data that the bank had stored on AWS.
How the breach occurred was due to the WAF misconfiguration allowing the attacker to trick the firewall into relaying requests to a key back-end resource on the AWS platform. This resource, known as the “metadata” service, hands out temporary information to a cloud server, including current credentials sent from a security service to access any resource in the cloud to which that server has access.Download