UPDATED 20:40 EST / AUGUST 14 2019

SECURITY

Capital One hacker may have stolen data from 30+ other companies

Paige A. Thompson, the alleged hacker behind the theft of more than 100 million customer records from Capital One Financial Corp., may have stolen data from more than 30 other companies and organizations, according to a court filing made public today.

The allegations came via the Department of Justice, which said in the filing that the theft of Capital One’s data was only one part of her criminal conduct. “The servers seized from Thompson’s bedroom during the search of Thompson’s residence, include not only data stolen from Capital One, but also multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions and other entities, ” the filing states.

The filing does not name any of the other hacked companies or organizations but notes that much of the data does not contain personally identifying information, suggesting that Thompson may have stolen code or other proprietary secrets.

This isn’t the first time it has been suggested that Thompson may have hacked other companies and organizations ZDNet notes with a report last month claiming that she may have also targeted UniCredit S.p.A, Vodafone plc, Ford Motor Co., Michigan State University and the Ohio Department of Transportation.

The hacks in all those cases involved breaching Amazon Web Services Inc.’s cloud servers belonging to the target companies. In the case of Capital One, Thompson, a former AWS employee, obtained access to the data through a misconfiguration of a firewall on a web application, allowing her to access the server where the data were stored.

The Justice Department filing notes that Thompson claims not to have sold, shared or disseminated any of the data she stole but that it is “too earlier to confirm that this is the case.”

Thompson is alleged to have previously shared at least some of the stolen data online on GitHub, ultimately leading to both the discovery of the hack and Thompson’s arrest. Tthat hasn’t gone unnoticed by others.

A class-action lawsuit filed in the U.S. District Court for the Northern District of California Aug. 1 in relation to the Capital One data breach claims that GitHub “actively encourages” hackers. Further, it said that active encouragement means it has a higher responsibility than most repositories to scan uploaded files for dangerous or illicit data, Dark Reading reported.

The lawsuit further claims that Thompson shared files containing information on the methods used in the breach on GitHub in April. GitHub has been owned by Microsoft Corp. since October following a $7.5 billion acquisition deal.

GitHub denies that any personally identifiable information was posted on its site but does not deny that the methodology used in the hack was shared and then later taken down.

Photo: Tdorante10/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU