At the end of July, the FBI and Capital One disclosed that the bank had suffered a massive data breach just a few months before, exposing personal and financial data from more than 100 million customers. The FBI arrested former Amazon employee Paige Thompson, 33, in connection with the crime, and accused her of also breaching 30 other companies and organizations. Now, an indictment unsealed on Wednesday offers a fuller picture of the government's allegations against Thompson, and the scope of her alleged hacking spree.
Thompson, who also goes by the online handle "erratic," allegedly created a program in late March to scan cloud customers for a specific web application firewall misconfiguration. The indictment only refers to the platform as the "Cloud Computing Company," but an Amazon spokesperson confirmed to WIRED that it was Amazon Web Services. Thompson's prior role at the company didn't lend her any insider access in this case. Once the tool found its target misconfiguration, Thompson allegedly exploited it to extract privileged account credentials for victim databases and other web applications.
"Thompson is charged with wire fraud and computer fraud and abuse for the intrusion into data of Capital One and more than 30 other entities," the Department of Justice said in a statement late Wednesday. "Law enforcement has identified many of the victims whose data was accessed and is working to notify them."
Court documents say that once Thompson gained access to victims' cloud infrastructure using the stolen credentials, she then allegedly accessed and exfiltrated data. But the indictment also claims that in some cases she used this access to set up cryptocurrency mining operations using victims' cloud computing power—a practice known as cryptojacking ..
Support the originator by clicking the read the rest link below.
