In one of the most significant data breaches to ever be documented, former Amazon Web Services representative, Paige Thompson, is thought to be the brains behind the data violation of Capital One bank.
According to the charge sheet leveled against her, Thompson is believed to have not only breached Capital One bank information but also utilized its serves to secretly mine cryptocurrency. Apart from Capital One, Thompson is also being charged for infringing security protocols of other 30 companies where she managed to gain access to user information.
Federal agents arrested the 33-year-old Thompson for the crimes leveled against her, disclosing that the software engineer expert managed to compromise the country’s seventh most significant financial institution to access the private information of millions of applicants and customers.
According to an indictment that was unsealed on Wednesday, Thompson is facing a buffet of allegations leveled against her by the American government. Thompson was arrested Mid-July for her illegal activities that are said to have also affected more than 100 million Capital One customers who had applied for credit cards. The user information is said to have been stored on a defenseless Amazon server that was misconfigured by the bank.
Ex Amazon Employee Allegedly Managed to Hack Capital One
According to media outlets, Thompson was an employee of Amazon who also served as a system engineer for another cloud hosting company that used to service Capital One. While the cloud hosting company remains anonymous, Amazon Web Services representatives came out publicly to confirm the news of Thompson being a former employee of the company. Even though Thompson used to work for Amazon, she left the company three years before executing the hack.
It is believed Thompson managed to gain access to Capital One’s database by taking advantage of a misconfigured web application firewall.
How Thompson Hacked Capital One Bank
According to the government report, Thompson managed to pilfer Capital One’s computer login details from Amazon servers to gain him access to the company’s user information and servers. Thompson would later abuse the administration rights that she had learned over the company’s servers to both steal user information and use up server capabilities to mine virtual currencies. According to the indictment, such mining activities are usually known as crypto-jacking.
If found guilty, the 33-year-old cross-dresser who lived in Seattle’s Beacon Hill neighborhood will be imprisoned for 25 years in prison on one count of computer fraud and abuse and one count of money transfer fraud.
According to the accusations leveled against her, Thompson infringed user information from 30 institutions that include a US state office, an open research college, and a telecommunication combination. This is apart from the accusations of gaining illegal entry to Capital One bank servers and using their computer to mine cryptocurrencies for personal benefit.
Although court records remain dainty on Thompson’s crypto-jacking activities, the amount she earned from her illegal dealing is rumored to be hefty and substantial going by her Slack messages. It appears Thompson was very successful in her crypto-jacking activities going by her boasting cryptographic money messages that have since gone viral.
“I will be in operation soon. In the event I had a helper, I could have allowed them to do the heavy lifting over my crypto-jacking efforts and retire as a stay at home worker,”
Thompson boasted under a nom de plume.
In a move of arrogance and confidence, Thompson posted yet again assuming a different alias on June 26 saying:
“For reasons not known to me, it has come to my attention that I have lost a complete fleet of excavators all simultaneously. Am suspecting one if you guys are onto me.”
After a few weeks, the information hack was noted by Capital One bank prompting them to zero in Thompson’s hacking spectacle.
Author: Ali Qamar