Capital One is admitting a "data security incident" from March of 2019 — one that looks to impact about 100 million people in the U.S. and about 6 million in Canada, including names, addresses, birth dates, credit scores and more.

The hacker, in this case, is actually known — and in custody. But what has happened to the data is unknown, and the company says it will "continue to investigate."

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Richard D. Fairbank, Chairman and CEO in a statement. "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."

Read More:

• Two-thirds of hotel websites leak sensitive customer data
• 2019 data breaches and how to up your cyber security game
• Equifax data breach has 2.4M more victims than first thought

Details including names, addresses and in some cases Social Security numbersiStock

Data breaches are a growing problem. One of the most recent hack involves Equifax, which impacted more than 147 million people, and has forced the company to set aside $700 million as a settlement.

Norton Core Secure WiFi Router, 4x4 AC2600 (up to 3000 sq.ft), Protect all your Network and IoT Devices, Parental Controls, Works w/Amazon Alexa, Free one-year of Norton Security included

List Price: $199.99

New From: $631.80in Stock

Used From: $99.99in Stock

Just one person is responsible for the hack, according to the company, breaking into Capital One's system through a "configuration vulnerability," which was discovered by an outside security expert on July 17. Capital One verified the hack two days later, which impacted those people who had applied for credit cards.

Customer credit card numbers and even log-in details are not said to be impacted. But Social Security numbers were involved in the hack, about 140,000 of U.S. customers — and one million people in Canada.

Additionally, 80,000 bank accounts linked to the credit cards were accessed as well. The data came from records spread over 23 different days across three years: 2016, 2017 and 2018.

While Capital One said it encrypts data, in this case, the hacker was able to decrypt the data. However, most of the Social Security and all of the account numbers were protected via "tokenization," said the company which replaces the number with other details, and protected the bulk of these details.

The vulnerability is now fixed, said Capital One, which is alerting customers who were impacted, and also offering free credit monitoring and identify protection to them as well.

GearBrain TV: How to Secure your Smart Deviceswww.youtube.com

D-Link - DIR-2680-US-W - D-Link D-Fend DIR-2680 IEEE 802.11ac Ethernet Wireless Router - 2.40 GHz ISM Band - 5 GHz UNII Band - 325 MB/s Wireless Speed - 3 x Network Port - 1 x Broadband Port - USB -

List Price: $199.99

New From: $199.99in Stock

Used From: $175.99in Stock