⁍ Capital One Financial Corp will pay an $80 million penalty to a U.S. bank regulator after the bank suffered a massive data breach one year ago.

---

⁍ The fine, announced Thursday by the Office of the Comptroller of the Currency, punishes the bank for failing to adequately identify and manage risk.

---

⁍ In July 2019, the bank disclosed that personal information including names and addresses of about 100 million individuals in the United States and 6 million people in Canada were obtained by a hacker.

---

– Capital One will pay an $80 million penalty after a data breach exposed the names, addresses, and Social Security numbers of 100 million Americans and 6 million Canadians last year. The Office of the Comptroller of the Currency announced the fine Thursday, saying the bank failed to identify and manage risk as it moved “significant portions of its technological operations to the cloud,” Reuters reports. The bank said in a statement that “Safeguarding our customers’ information is essential to our role as a financial institution,” and that “in the year since the incident, we have invested significant additional resources into further strengthening our cyber defenses, and have made substantial progress in addressing the requirements of these orders.” The OCC also ordered the bank to overhaul its operations to ensure it is adequately guarding against general cybersecurity risks and risks specific to cloud operations, and submit those plans for review. The OCC said in its consent order that the bank failed to identify and manage risks leading up to the move to cloud storage, and lacked sufficient network security and data loss prevention controls.