McLEAN, Va. (CBS/CBS News/AP) — A hacker gained access to more than 100 million Capital One customers’ account and credit card applications, the bank said Monday.

The bank, which is based in McLean, Virginia and has Chicago offices at 77 W. Wacker Dr., said Monday that it found out about the vulnerability in its system July 19 and immediately sought help from law enforcement to catch the perpetrator.


The company said the breach happened on March 22 and 23 of this year. The information compromised includes 140,000 Social Security numbers and 80,000 thousand linked bank accounts.

In addition, an undisclosed number of names, addresses, credit scores, credit limits, and balances were affected.

Capital One said it will notify people affected by the breach and offer free credit monitoring.

The Justice Department said a 33-year-old woman was arrested. The arrest reportedly happened in Seattle.

The suspect, a former tech company software engineer, is accused of posting about the breach on an information sharing site and bragging about it.

Capital One said it believes that it is unlikely that the information was used for fraud, but it will continue to investigate.

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” Capital One chairman and chief executive officer Richard D. Fairbank said in a news release. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

The data breach affected about 100 million people in the U.S. and 6 million in Canada.

Computer fraud and abuse is punishable by up to five years in prison and a $250,000 fine, according to the Department of Justice.

(© Copyright 2019 CBS Broadcasting Inc. All Rights Reserved. CBS News and The Associated Press contributed to this report.)