Incidents like these are going to change our concept of "Know Your Customer" (KYC). Cyber threats are not only coming from external attackers, but are also coming from inside the company, and not only employees or "insiders" (as we usually call them), but now fraudulent customers.
Businesses need to be able to validate who is really signing up for their products, services, etc. Cyber criminals are using stolen identity information to commit fraud and infiltrating companies as customers to better target and construct more sophisticated attacks. In essence, new mechanisms, techniques, and technologies to better know your customers, partners, and employees and identity who the real adversaries are will be required in the near future.
Sometime between March and July, Thompson allegedly took advantage of a misconfigured firewall within Capital's One network and then gained access to several years' worth of credit card data stored within the company's cloud storage system, according to the federal indictment