Capital One, the second largest auto finance company in the United States, operates a Responsible Disclosure Program where researchers can disclose potential vulnerabilities via email. In mid-July, the company received the email below with a link to leaked information on Paige A. Thompson’s GitHub account.