Capital One hacker suspected of compromising data of 30 more companies
In June 2019, the compromise of the American bank Capital One and the leak of data on 106 million users were reported. The leaked data belonged to users who had applied to the bank for credit cards between 2005 and 2019. It included names, addresses, zip codes, phone numbers, email addresses, dates of birth and user income data.
The leak also affected credit card information of the bank’s customers, such as credit ratings and limits, balances, payment history, as well as contact information and fragments of transactions for 23 days in 2016, 2017 and 2018.
“The cracker gained access to a million Canadian Social Security numbers, more than 140,000 US Social Security numbers, and 80,000 bank account numbers”, the media reported, citing court documents.
Recall that, in connection with the hacking of Capital One, law enforcement authorities detained a 33-year-old Seattle resident, Paige A. Thompson, aka Erratic, a former employee of Amazon Web Services Inc.
According to an official statement by the Justice Ministry, Thompson mentioned the compromise of Capital One in comments on GitHub, and exploited a misconfigured firewall to penetrate the network. On July 17, 2019, a vigilant user noticed Thompson's words and notified the bank's representatives about what was happening, which ultimately led to her arrest.
Now ZDNet reports that, according to court documents, her actions were not limited to compromising Capital One. During a search of Thompson's house, law enforcement officers found servers that held not only the information stolen from Capital One, but also several terabytes of data stolen from more than 30 other companies, educational institutions and other organizations.
Security researcher John Wethington told TechCrunch that, based on public information, including the Slack channel of which the alleged hacker was a member, data of other companies was also stolen.
“Based on the information gathered from publicly available sources, such as the alleged hacker’s GitHub and GitLab accounts, as well as public information from the Slack channel, it’s clear that organizations including Ford, Vodafone and others are possible victims of what appears to be a massive sensitive data hacking spree”, he said.
So far, law enforcement officials have not disclosed the names of the affected companies, but judging by previous media reports, they may also include Unicredit, the University of Michigan and the Ohio Department of Transportation.
According to the prosecutor’s office, the data found differs significantly in both type and quantity, but these dumps apparently did not contain personal and identifying information.