A Seattle tech worker has been convicted for federal crimes related to a 2019 arrest for stolen data

Ex-Amazon Tech Worker Convicted over Capital One Breach costing $270 million

A Seattle tech worker has been convicted for federal crimes related to a 2019 arrest for one of the largest ever financial data hacking cases involving stolen data, wire fraud and illegal mining of crypto currency.

Paige Thompson, 36, hacked into Amazon Web Services’ Cloud to steal data and access computer servers for the purposes of mining crypto currency. She was arrested in July 2019 after the FBI Cyber Task Force were alerted to her activities by Capital One. 

The former Amazon worker stole the information of more than 100 million people according to U.S. Attorney Nick Brown who commented “Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself.”

The conviction follows a seven-day trial and a ten-hour jury deliberation after which Thompson was found guilty of five counts of unauthorized access to a protected computers as well as damaging a protected computer. She was found not guilty of aggravated identity theft and access device fraud. 

The tech worker will be sentenced on September 15, 2022 and faces a potential 20 years in prison for wire fraud related offences with another five years for her crimes related to accessing a protected computer and damaging a protected computer. 

The hacker provided plenty of evidence to lead to her arrest and conviction with a multitude of bragging texts and online chats, enabling prosecutors to build up a complete picture of her methods and crimes. “She wanted data, she wanted money, and she wanted to brag,” Andrew Friedman, the US Assistant Attorney commented in his closing argument. 

How did the tech worker access the stolen data?

Thompson used a scanning tool she created to check Amazon Web Services for misconfigured accounts. She then used the information scalped from those misconfigured accounts to hack into and download data from over 30 entities including the bank Capital One, where she accessed almost 80,000 bank account details and 100,000 Social Security Numbers.

Her hacking of Capital One affected over 100 million customers, and in the fallout the bank faced a fine of $80 million and $190 million in settled lawsuits from customers. 

Ms Thompson also used her access to these servers to plant software for mining cryptocurrency, the profits of which were placed in her online wallet. 

How was Flora Thompson caught?

An anonymous email received by Capital One set the FBI on Thompson’s trail, they went on to trace social media statements and a GitHub post back to the former Amazon tech worker. Her texts and emails supplied further evidence as she bragged about her exploits. 

What were the repercussions for customer privacy and security?

The historic financial data breach raised panic and concern amongst customers and companies who had earlier been under the impression that that the security settings of cloud providers were sufficient. Several steps have since been made in Cloud Security. As NetEnrich Threat Hunter John Banbenek informed Dark Reading – “It’s taken a few years, however we are making real strides in not only having default-secure settings, but for security tools to start detecting misconfigurations and malicious behavior in cloud environments,”

As well as having to pay off substantial fines and lawsuits, Capital One now actively encourages customers to sign up for credit card alerts and offers free identity protection and credit monitoring. The company has also substantially tightened up their Cloud Security procedures.