Former Amazon engineer convicted in 2019 Capital One knowledge breach

A Seattle jury has discovered Paige Thompson, a former Amazon software program engineer accused of

A Seattle jury has discovered Paige Thompson, a former Amazon software program engineer accused of stealing knowledge from Capital One in 2019, responsible of wire fraud and 5 counts of unauthorized entry to a protected laptop. The Capital One hack was one of many greatest safety breaches within the US and compromised the information of 100 million individuals within the nation, together with 6 million individuals in Canada. Thompson was arrested in July that 12 months after a GitHub person noticed her put up on the web site sharing details about stealing knowledge from servers storing Capital One data. 

In accordance with the Division of Justice, Thompson used a device she constructed herself to scan Amazon Internet Companies for misconfigured accounts. She then allegedly used these accounts to infiltrate Capital One’s servers and obtain over 100 million individuals’s knowledge. The jury has determined that Thompson violated the Laptop Fraud and Abuse Act by doing so, however her attorneys argued that she used the identical instruments and methodology additionally utilized by moral hackers.

The Justice Division lately amended the Laptop Fraud and Abuse Act to guard moral or white hat hackers. So long as researchers are investigating or fixing vulnerabilities in “good religion” and aren’t utilizing the safety holes they uncover for extortion or different malicious functions, they will not be charged underneath the regulation.

US authorities, nonetheless, disagreed with the assertion that she was solely attempting to reveal Capital One’s vulnerabilities. The Justice Division mentioned she planted cryptocurrency mining software program onto the financial institution’s servers and despatched the earnings straight to her digital pockets. She additionally allegedly bragged concerning the hack on on-line boards. 

See also  Amazon avoids fines and different penalties in Illinois warehouse collapse

“Removed from being an moral hacker attempting to assist firms with their laptop safety, she exploited errors to steal helpful knowledge and sought to counterpoint herself,” US Legal professional Nick Brown mentioned. Thompson could possibly be sentenced with as much as 20 years of jail time for wire fraud and as much as 5 years for every cost of illegally accessing a protected laptop. Her sentencing listening to is scheduled for September fifteenth.

All merchandise really useful by Engadget are chosen by our editorial group, impartial of our guardian firm. A few of our tales embrace affiliate hyperlinks. Should you purchase one thing via one in all these hyperlinks, we might earn an affiliate fee.

Supply: Engadget.