Capital One Suspect ‘Breached 30 Other Organisations’ – Report

Former Amazon worker turned Capital One hacker is alleged to have also stolen data from 30 other businesses

The hacker arrested last month for the Capitol One hack in March this year has allegedly stolen data from many other businesses.

US federal authorities arrested Paige Thompson last month, after she allegedly boasted of the exploit on the GitHub code hosting site.

The hack is believed to be one of the largest in banking history and affected 100 million people in the US, and 6 million in Canada. Virginia-based Capital One said it became aware of the attack on 19 July and reported it to law enforcement.

Other Breaches

The hackers were able to steal data including credit scores and balances, as well as the Social Security numbers of about 140,000 individual.

Now the Wall Street Journal reported that prosecutors at the US Department of Justice in court documents have alleged that Thompson not only targeted Capital One, but she also allegedly took files from over 30 other organisations.

Paige Thompson has already been charged with a single count of computer fraud and abuse in the US District Court in Seattle, and faces a maximum sentence of five years in prison and a fine of $250,000 (£204,713).

But the FBI raided Thompson’s residence in July and seized digital devices, with an initial search finding files that made references to Capital One and “other entities that may have been targets of attempted or actual network intrusions”.

And now prosecutors claim that Thompson had “terabytes” of data in her possession.

She used to work for Amazon and reportedly also stole data from its cloud servers.

“The perpetrator of this breach was identified unusually fast and turned out to be a former employee of AWS,” said Igor Baikalov, chief scientist at Securonix.

“This fact alone shouldn’t be considered a setback for the adoption of public cloud. It should rather be viewed as another harsh reminder of the importance of third party security and insider threat programs for both providers and consumers of public cloud services,” he said.

Flight risk

This means that further charges could be levelled against her, due to the evidence gathered from her home.

The FBI is reportedly working to identify all those who had had data taken so it could alert them to the suspected theft.

Thompson has remained in custody, and is scheduled to appear at a bail hearing 22 August.

Prosecutors have cited Thompson’s past behaviour, when they asked the court to deny bail out of concern she would “resort to threats, violence, or cybercrime.” They alleged that Thompson had a “long history” of threatening to kill others and herself.

Prosecutors also reportedly said they consider Thompson a flight risk.

Do you know all about security? Try our quiz!