Federal Prosecutors Accuse Capital One Hacker of Hitting Dozens More Targets -- Update
August 14 2019 - 4:58PM
Dow Jones News
By Robert McMillan
The hacker charged with stealing millions of Capital One
Financial Corp. records hit more than 30 other targets, federal
prosecutors said, significantly expanding the scale of what was
already considered one of the largest heists of data stored in the
cloud.
The accused hacker, Paige A. Thompson, a former Amazon.com Inc.
employee, was arrested on July 29, and charged with the theft of
106 million Capital One records in one of the largest-ever
bank-data thefts. Ms. Thompson also stole multiple terabytes of
data from more than 30 other companies, educational institutions
and others, prosecutors said in a court filing Tuesday.
Ms. Thompson, who has remained in custody, is scheduled to
appear at a bail hearing Aug. 22. Prosecutors, citing Ms.
Thompson's past behavior, asked the court to deny bail out of
concern she would "resort to threats, violence, or cybercrime."
They said Ms. Thompson had a "long history" of threatening to kill
others and herself. Prosecutors also said they consider Ms.
Thompson a flight risk.
In online discussion forums, Ms. Thompson expressed frustration
over her 2016 dismissal from Amazon, and subsequent inability to
find employment. She claimed to earn money by installing
crypto-mining software on some of the computer systems she
accessed. According to security experts who have viewed her posts,
Ms. Thompson displayed a high level of technical knowledge on the
inner workings of Amazon's cloud.
Earlier this week, Ms. Thompson declined a request from The Wall
Street Journal for an interview, relayed to her by prison
officials. Her lawyer didn't immediately respond to a request for
comment on the latest accusations.
Ms. Thompson allegedly exploited a common cloud configuration
problem to access the Capital One data. The bank has taken
responsibility for not adequately securing its systems, but the
incident also has raised questions about whether Capital One's
cloud computing provider, Amazon, could do more to protect its
customers. Amazon, the world's largest cloud-computing company, has
said that none of its services were the underlying cause of the
break-in.
An Amazon spokesman on Wednesday said that the company is now
running checks and alerting customers if they have the kind of
firewall misconfiguration that Ms. Thompson allegedly exploited.
"Other than Capital One, we haven't yet heard from customers about
a significant loss," he said in an email.
Amazon is also considering additional changes that it can make
to its cloud subsystems that will better protect its customers, the
company said in a letter dated Wednesday and sent in response to
questions about the breach raised last week by Sen. Ron Wyden (D.,
Ore.).
In a statement, Sen. Wyden said that while he appreciates the
steps Amazon is taking to address these security issues, the
company still needs to do more to protect its customers. "Without
additional action, I fear we will continue to see repeats of the
Capital One breach, with American consumers as the real victims,"
he said.
Ms. Thompson's alleged hack was discovered after she posted
details about her hack online, leading a tipster to notify Capital
One.
Prosecutors said they expect to add to the charges against Ms.
Thompson for each additional entity hit. "Although not all of those
intrusions involved the theft of personal identifying information,
it appears likely that a number of the intrusions did," prosecutors
said. The investigation into who exactly was targeted and what
information was taken continues, they said.
The latest filings didn't say whether all of the affected
companies are Amazon customers.
In online postings viewed by the Journal, Ms. Thompson suggested
she had accessed data at several other entities, including Ford
Motor Co., UniCredit SpA, Italy's largest bank, and Michigan State
University. Ford said it wasn't affected. UniCredit and Michigan
State University have said they were investigating the
incident.
The impact of Ms. Thompson's crime, prosecutors said, "will be
immense." Capital One has said the data breach will cost it as much
as $150 million. A Capital One spokeswoman didn't immediately
return messages seeking comment.
Prosecutors, in their latest court submission, also detail
several of the run-ins Ms. Thompson had with law enforcement before
her arrest last month. In March, police were called to her Seattle
residence after Ms. Thompson allegedly tried to strike a roommate.
Police again were called to the house two months later after Ms.
Thompson allegedly had threatened to "shoot up" the office of an
unnamed California technology company, prosecutors said.
Mike Colias and Sebastian Herrera contributed to this
article.
Write to Robert McMillan at Robert.Mcmillan@wsj.com
(END) Dow Jones Newswires
August 14, 2019 17:43 ET (21:43 GMT)
Copyright (c) 2019 Dow Jones & Company, Inc.