The ex-Amazon employee who allegedly hacked into the 5th largest credit card company in the US posted about it online, the FBI says.
Lauren Frias, Jul 30, 2019, 15:37 IST
Former software engineer Paige A. Thompson hacked into Capital One systems and accessed the information of more than 100 million credit card customers, according to prosecutors. Authorities say they tracked down the suspect after she allegedly talked about it online.
Thompson was arrested by the FBI in Seattle and was charged with a single count of computer fraud and abuse.
FBI agent Joel Martini laid out evidence, which was found online on GitHub, Slack, Meetup, and Twitter, in the criminal complaint.
A software engineer in Seattle was behind the major Capital One data breach, which impacted over 100 million credit card customers in the US and Canada, prosecutors alleged in a criminal complaint.
Paige A. Thompson, a former Amazon employee, was arrested by the FBI in Seattle and appeared in court on Monday. She was charged with a single count of computer fraud and abuse, and could face a sentence of up to five years in prison and a $250,000 fine.
The breach occurred on March 22 and 23, 2019. According to Capital One, the largest category of information that was compromised involved consumers and small businesses who applied for credit cards between 2005 and early 2019.
The criminal complaint alleges Thompson posted that she hacked Capital One on the code-sharing site GitHub.
According to the US Attorney's Office for the Western District of Washington, Thompson posted about the leaked information to the site GitHub on April 21. The post, dubbed the "April 21 File" in the criminal complaint, contained "a list of more than 700 folders or buckets of data," as well as three commands that functioned to obtain Capital One's credentials and extract data.
Another user spotted the post and flagged it to Capital One on July 17, the complaint alleges. Two days later, the credit card company contacted the FBI to report the incident, and investigators began to look into the account that posted the information.
The complaint states that the GitHub address where the "April 21 File" was posted included Thompson's full name, as well as a link to GitLab, which had a resume that included her address and indicated that she was a systems engineer.
Martini found a Slack channel where he alleges Thompson posted incriminating messages about the information theft.
Through open source research, Martini found a group organized by Thompson on Meetup, an online platform where users can build communities, according to the 12-page complaint.
The Meetup group had an invitation code to a Slack channel, which is a service for team collaboration. One of the users, named "erratic," posted "a list of files that [the user] claimed to possess" on June 26, according to the complaint.
A screenshot of the Slack conversation showed one of the members warning user "erratic" not to go to jail, and "erratic" responds saying "I wanna get it off my server thats [sic] why Im [sic] archiving all of it," referring to the stolen information.
The complaint alleges that the username "erratic" was used by Thompson.
The complaint alleges Thompson direct-messaged another Twitter user about the stolen information, saying she has "basically strapped [herself] with a bomb vest."
On Twitter, Thompson allegedly exchanged direct messages with an unidentified individual about the data breach on June 18, the complaint states.
The screenshot of the messages showed that Thompson wanted to "distribute" the "buckets" of information that she obtained. According to the complaint, Martini wrote that the suspect "intended to disseminate data stolen from victim entities, starting with Capital One."
The complaint claims Thompson also acknowledged the information at her disposal in a subsequent message, saying that the information "buckets" include Social Security numbers with full names and dates of birth of the compromised Capital One accounts.