A former Amazon Web Services (AWS) employee has been convicted of multiple crimes related to one of the largest data breaches ever recorded in the United States.
According to a CNBC report, former AWS engineer Paige Thompson used her position at the company to hack into Capital One's database and steal sensitive information from more than 100 million people.
Using the "erratic" alias, she apparently created a tool that helped her find misconfigured accounts on AWS. What she found were more than 30 such instances in the hands of Amazon customers, including Capital One. She then mined this data and installed cryptocurrency miners on some AWS servers.
Electronic fraud, aggravated identity theft
The jury found Thompson guilty of seven federal crimes, including wire fraud, illegal access to a protected computer and damage to a protected computer. She was found not guilty of aggravated identity theft (opens in a new tab) and access device fraud.
"She wanted data, she wanted money and she wanted to show off," Assistant US Attorney Andrew Friedman said of Thompson during closing arguments.
Sentencing is scheduled for September 15 and Thompson's legal representative has yet to comment. Some of these crimes are punishable by up to 20 years in prison.
In mid-2019, financial giant Capital One revealed that it had suffered a serious data breach (opens in a new tab), with approximately 106 million customers in the United States and Canada having their personal data, including their names, stolen. , addresses and phone numbers.
It is also believed that around 140 US Social Security numbers and 000 linked bank account numbers have been compromised, with around one million Social Security numbers belonging to Canadian credit card customers. also affected.
Thompson was reported to the police by a GitHub forum user after she apparently bragged about the attack online.
Capital One faced a class action lawsuit over the infringement and agreed to settle by paying €190 million, plus an additional €80 in statutory penalties.
Via CNBC(Opens in a new tab)