American bank Capital One reported a compromise that occurred on March 22-23, 2019. of the…
The leak also affected information about the credit cards of bank customers, that is, data on credit ratings and limits, balances, payment history, as well as contact information and transaction fragments for 23 days in 2016, 2017 and 2018. In addition, it was reported that the attacker gained access to one million Canadian Social Security numbers, more than 140,000 US Social Security numbers, and 80,000 bank account numbers.
We reported that Hacker of Capital One is suspected in compromising data of 30 more companies.
Then, in connection with the Capital One hack, law enforcement authorities detained 33-year-old Seattle resident Paige A. Thompson (known online under the pseudonym Erratic), a former employee of Amazon Web Services Inc.
The fact is that Thompson mentioned the compromise of Capital One in the comments on GitHub, and used the wrong firewall configuration to penetrate the network. Soon, a vigilant user drew attention to Thompson’s words, who notified representatives of the bank about what was happening, which ultimately led to his arrest.
Even worse, after the arrest, it turned out that the case was not limited to the compromise of Capital One alone. So, during a search in Thompson’s house, law enforcement officers seized servers, which revealed not only information stolen from Capital One, but also several terabytes of data stolen from more than 30 other companies, educational institutions and other organizations.
Law enforcement officers did not disclose the names of the affected companies, but, judging by media reports, among them could be Unicredit, Vodafone, Ford, Michigan State University, the Ohio Department of Transportation and so on.
As a result, Paige Thompson was charged with wire fraud, computer fraud and abuse against Capital One and more than 30 other organizations.
Investigators reported that Thompson created a tool with which she scanned the Internet for misconfigured AWS servers that allowed anyone to access the data stored on them. Moreover, according to court documents, Thompson not only stole information, but also used compromised AWS servers to mine cryptocurrency.
In a seven-day trial, the jury acquitted Thompson of a number of charges, including access device fraud and aggravated identity theft, but found guilty, according to the U.S. Department of Justice now.
Sentencing is scheduled for September 15, 2022, but on the totality of the remaining charges, the burglar faces a sentence of up to 25 years in prison. At the same time, her attempts to rest on the fact that she is an ethical hacker and an information security researcher, obviously, were unsuccessful. In court, the prosecution stated that Thompson “wanted [to steal] data, wanted money, and wanted to show off.”
News-bhexusa.xyz is a domain that tries to trick you into clik to its browser notifications…
News-bhupotu.xyz is a domain that tries to trick you into subscribing to its browser notifications…
News-bhocime.info is a site that tries to trick you into subscribing to its browser notifications…
You-hub.online is a site that tries to force you into clik to its browser notifications…
News-bhecudu.live is a domain that tries to force you into clik to its browser notifications…
News-bhiciwe.today is a site that tries to force you into clik to its browser notifications…