Capital One Financial (COF) disclosed on July 29 that it suffered a massive data breach. The Capital One hack exposed the personal data of 106 million customers in the United States and Canada who had applied for credit cards. Capital One expects the cost of this hack to reach $100 million–$150 million. Still, Capital One expects the hack to have a limited impact on its customers and profits.
Amazon’s (AMZN) AWS cloud platform stored the stolen data in the Capital One hack. As a result, Amazon faces added scrutiny regarding the security of its cloud.
However, the Capital One hack didn’t succeed because of security weaknesses in Amazon’s cloud. Instead, a misconfiguration at Capital One created the opportunity for the hack. Republican and Democratic lawmakers in Washington, DC, have focused on Amazon and how it secures the data of its cloud customers.
AWS to support the 2020 census
Lawmakers are particularly interested in the security of Amazon Web Services. The tech giant provides cloud services to several critical federal agencies and financial institutions. For example, Amazon secured a contract to provide cloud services for the 2020 census.
Amazon is one of the two leading contenders for a massive Pentagon cloud computing contract worth about $10 billion. Further complicating the matters for Amazon is that the suspected hacker is a former employee who is currently facing federal charges in Seattle.
Lawmakers press Amazon for cloud security answers after the Capital One hack
On August 1, Republican lawmakers in the US House of Representatives wrote to Amazon seeking more information on the security of its cloud. These representatives want Amazon to brief them on measures it implemented to ensure the security of sensitive data stored on its cloud. These lawmakers want Amazon to appear for the briefing no later than August 15.
Democratic senator Ron Wyden of Oregon wants Amazon to explain the configuration errors that led to the Capital One hack. The Wall Street Journal reported that an unnamed security researcher found configuration errors like the one that enabled the Capital One breach in over 800 Amazon cloud customers. Wyden wants to understand what Amazon is doing about the configuration errors experienced by its cloud customers and asked for a response by August 13.
AWS generated revenues of $8.4 billion in the second quarter, representing 37% growth year-over-year. Microsoft (MSFT) and IBM (IBM) recorded cloud revenue growth of 64% and 5.4% YoY, respectively, in the second quarter.