A Seattle-based woman hacked financial giant and credit issuer Capital One in which over 100 million customers were affected.
The massive data breach occurred on March 22-23 this year and for as many as 140,000 individuals, the exposure included Social Security Numbers while for 80,000, their linked bank account numbers as well, said Capital One.
Capital One is a major credit card issuer in the United States and also operates retail banks.
"Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement.
"The FBI has arrested the person responsible and that person is in custody. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate," the company said in a statement late Monday.
The data leak affected approximately 100 million individuals in the United States and approximately 6 million in Canada.
"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Richard D. Fairbank, Chairman, and CEO, Capital One.
"I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."
However, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised, claimed the company.
Capital One said the hacker was able to "exploit" a "configuration vulnerability" in the infrastructure.
By Sowmya Sangam