Ex-Amazon worker convicted over information breach of 100 million CapitalOne prospects – TechCrunch


Paige Thompson, a former Amazon worker accused of stealing the private info of 100 million prospects by breaching banking large CapitalOne in 2019, has been discovered responsible by a Seattle jury on costs of wire fraud and laptop hacking.

Thompson, 36, was accused of utilizing her information as a software program engineer working within the retail large’s cloud division, Amazon Internet Providers, to establish cloud storage servers that had been allegedly misconfigured to realize entry to the cloud saved information utilized by CapitalOne. That included names, dates of delivery, Social Safety numbers, e-mail addresses and telephone numbers, and different delicate monetary info, equivalent to credit score scores, limits and balances.

Some a million Canadians had been additionally affected by the CapitalOne breach.

Thompson additionally accessed the cloud saved information of greater than 30 different corporations, in line with a superseding indictment filed by the Justice Division virtually two years after Thompson was first charged, which reportedly included Vodafone, Ford, Michigan State College and the Ohio Division of Transportation.

Thompson was convicted beneath the Pc Fraud and Abuse Act, which prohibits an individual from accessing a pc system with out authorization. There was some query about her motives, which some stated classed Thompson as a possible moral hacker — the Justice Division stated in Could that it will not prosecute good-faith safety researchers — however prosecutors stated Thompson “exploited errors to steal useful information and sought to counterpoint herself,” together with utilizing the servers she hijacked to plant and mine cryptocurrency.

The Seattle jury discovered Thompson not responsible of id theft and costs referring to machine entry fraud.

The breach of CapitalOne’s cloud information, a lot of it saved on Amazon’s cloud, was one of many greatest hacks of the last decade by dimension alone but additionally due to the sensitivity of the monetary info. CapitalOne’s safety chief was changed a short while after the breach grew to become public, and in 2020, the banking large was fined $80 million by U.S. federal regulators and ordered to enhance its cybersecurity defenses, and was later ordered by a decide to pay near $200 million at school motion damages. CapitalOne made $28.6 billion in income throughout 2019, the 12 months of its breach.

Thompson is predicted to be sentenced in September.

Leave a Reply

Your email address will not be published.