Last Friday, Paige Thompson, a former Amazon engineer, was found guilty on account of several federal crimes including charges of wire fraud and the hacking of personal information belonging to over 100 million Capital One customers.
Ms. Thompson was convicted by a Seattle jury for violating the Computer Fraud and Abuse Act, an anti-hacking law that prohibits the use of a computer without authorization.
The incident, which occurred back in 2019, involved the hacker stealing and downloading the private personal information of over 100 million Capital One customers. That July, Capital One was able to discover the breach after being alerted by a woman who had spoken with Ms. Thompson. An arrest was made soon after with the help of the Federal Bureau of Investigation.
Ms. Thompson’s legal team claimed that she had acted with intentions of hunting for software vulnerabilities in order to report them, but the evidence told a different story. “Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself,” Nicholas W. Brown, the U.S. attorney for the Western District of Washington, said. Furthermore, the Justice Department found that Ms. Thompson had advantageously mined for cryptocurrency in Capital One’s servers and bragged to online friends.
In an article published in The New York Times, journalist Kate Conger wrote, “Regulators said Capital One lacked the security measures it needed to protect customers’ information.” A year following the breach, the financial corporation agreed to pay $80 million to settle the claims that were made as well as an additional $190 million to compensate people who had been affected by the breach.
In addition to fraud wire charges, it took the jury 10 hours to find Ms. Thompson guilty of five counts relating to obtaining illegal access to and damaging a protected computer. She was found innocent of identity theft and access device fraud.
Ms. Thompson is scheduled to be sentenced on September 15.
Link to article: https://www.nytimes.com/2022/06/17/technology/paige-thompson-capital-one-hack.html
Ms. Thompson was convicted by a Seattle jury for violating the Computer Fraud and Abuse Act, an anti-hacking law that prohibits the use of a computer without authorization.
The incident, which occurred back in 2019, involved the hacker stealing and downloading the private personal information of over 100 million Capital One customers. That July, Capital One was able to discover the breach after being alerted by a woman who had spoken with Ms. Thompson. An arrest was made soon after with the help of the Federal Bureau of Investigation.
Ms. Thompson’s legal team claimed that she had acted with intentions of hunting for software vulnerabilities in order to report them, but the evidence told a different story. “Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself,” Nicholas W. Brown, the U.S. attorney for the Western District of Washington, said. Furthermore, the Justice Department found that Ms. Thompson had advantageously mined for cryptocurrency in Capital One’s servers and bragged to online friends.
In an article published in The New York Times, journalist Kate Conger wrote, “Regulators said Capital One lacked the security measures it needed to protect customers’ information.” A year following the breach, the financial corporation agreed to pay $80 million to settle the claims that were made as well as an additional $190 million to compensate people who had been affected by the breach.
In addition to fraud wire charges, it took the jury 10 hours to find Ms. Thompson guilty of five counts relating to obtaining illegal access to and damaging a protected computer. She was found innocent of identity theft and access device fraud.
Ms. Thompson is scheduled to be sentenced on September 15.
Link to article: https://www.nytimes.com/2022/06/17/technology/paige-thompson-capital-one-hack.html
