Over 100 million customers were compromised in a massive data breach at the financial giant and credit card issuer Capital One has announced, saying the perpetrator who is a Seattle-based woman has been arrested. Also Read - Data of 10 Crore Indian Cardholders Selling on Dark Web, Claims Researcher; Juspay Confirms Breach

The actual crime occurred on March 22-23 this year and for as many as 140,000 individuals, the exposure included Social Security Numbers while for 80,000, their linked bank account numbers as well, said Capital One which is a major credit card issuer in the US and also operates retail banks. Also Read - WhatsApp Refutes Claims of 'Unsecure' Payment Services System Before SC; Calls Allegations 'Absolutely Baseless'

“Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement. The FBI has arrested the person responsible and that person is in custody. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate,” the company said in a statement late Monday. Also Read - Anonymous Hacker Strikes Again: Intel Hacked, 20 GB of Confidential & Intellectual Data Leaked Online

The data leak affected approximately 100 million individuals in the US and approximately 6 million in Canada.

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO, Capital One.

“I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right.”

However, no credit card account numbers or log-in credentials were compromised and over 99 per cent of Social Security numbers were not compromised, claimed the company.

Capital One said the hacker was able to “exploit” a “configuration vulnerability” in the infrastructure.