Capital One Suspect ‘Breached 30 Other Organisations’ – Report

The hacker arrested last month for the Capitol One hack in March this year has allegedly stolen data from many other businesses.

US federal authorities arrested Paige Thompson last month, after she allegedly boasted of the exploit on the GitHub code hosting site.

The hack is believed to be one of the largest in banking history and affected 100 million people in the US, and 6 million in Canada. Virginia-based Capital One said it became aware of the attack on 19 July and reported it to law enforcement.

Other Breaches

The hackers were able to steal data including credit scores and balances, as well as the Social Security numbers of about 140,000 individual.

Now the Wall Street Journal reported that prosecutors at the US Department of Justice in court documents have alleged that Thompson not only targeted Capital One, but she also allegedly took files from over 30 other organisations.

Paige Thompson has already been charged with a single count of computer fraud and abuse in the US District Court in Seattle, and faces a maximum sentence of five years in prison and a fine of $250,000 (£204,713).

But the FBI raided Thompson’s residence in July and seized digital devices, with an initial search finding files that made references to Capital One and “other entities that may have been targets of attempted or actual network intrusions”.

And now prosecutors claim that Thompson had “terabytes” of data in her possession.

She used to work for Amazon and reportedly also stole data from its cloud servers.

“The perpetrator of this breach was identified unusually fast and turned out to be a former employee of AWS,” said Igor Baikalov, chief scientist at Securonix.

“This fact alone shouldn’t be considered a setback for the adoption of public cloud. It should rather be viewed as another harsh reminder of the importance of third party security and insider threat programs for both providers and consumers of public cloud services,” he said.

Flight risk

This means that further charges could be levelled against her, due to the evidence gathered from her home.

The FBI is reportedly working to identify all those who had had data taken so it could alert them to the suspected theft.

Thompson has remained in custody, and is scheduled to appear at a bail hearing 22 August.

Prosecutors have cited Thompson’s past behaviour, when they asked the court to deny bail out of concern she would “resort to threats, violence, or cybercrime.” They alleged that Thompson had a “long history” of threatening to kill others and herself.

Prosecutors also reportedly said they consider Thompson a flight risk.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

2 days ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 days ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

3 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

3 days ago