A former female engineer who worked for Amazon Web Services (AWS) was found guilty of getting into the cloud storage systems of more than 100 million customers and gathering information relevant to the 2019 Capital One breach. This information was used in the breach that occurred at Capital One. Amazon Web Services (AWS) is the cloud branch of online retailing giant Amazon.
Paige Thompson, a former tech worker who is now 36 years old, was found guilty of seven federal felonies in Seattle's US District Court in connection with her plan to hack into cloud computing accounts and steal data and computing resources for her own gain. The crimes were committed as part of Thompson's scheme to steal for her own benefit. After Capital One reported Thompson's hacking activities to the FBI, the agency placed her under arrest in July of 2019.
The United States Department of Justice has issued a statement indicating that Thompson's sentencing will take place on September 15, 2022, before United States District Judge Robert S. Lasnik.
Thompson "used her hacking abilities to acquire the personal information of more than 100 million individuals and hijacked computer systems to mine cryptocurrency," according to US Attorney Nick Brown. Thompson also mined bitcoin using the computers she took over.
Brown went on to say that "far from being an ethical hacker seeking to assist organizations with their computer security, she exploited faults to steal valuable data and attempted to profit herself." "Far from being an ethical hacker trying to help companies with their computer security,"
Thompson was found guilty of damaging a protected computer in addition to the five counts of unauthorized access to a computer that was under protection, and he was sentenced to prison. The jury, however, came to the conclusion that she was neither responsible for the access device fraud nor the serious identity theft.
Andrew Friedman, an assistant United States attorney, said that the defendant's motivations were to "brag, get money, and get data."
Because of the security breach at Capital One, the personal information of more than 100 million clients in the United States was exposed. The company settled consumer complaints about a total of $210 million, including a $190 million payment and an additional $80 million in penalties.