Capital One says a hacker, 33-year-old Paige Thompson, gained access to more than 100 million customer accounts and credit card applications earlier this year.
Thompson is a former tech company software engineer and has been arrested for the breach.
Capital One says it fixed the vulnerability exploited in the breach, that it’s unlikely the data was used for fraud or disseminated, but it is still investigating.
And it will notify people affected by the breach and provide free credit monitoring and identity protection.
The company said no credit card account numbers or login credentials were compromised.