UPDATED 21:52 EST / AUGUST 29 2019

Alleged Capital One hacker indicted for hacking 30 other companies

Paige A. Thompson, the alleged hacker behind the theft of more than 100 million customer records from Capital One Financial Corp., has been indicted on additional charges for hacking more than 30 companies.

Thompson was first linked to the hacking of other companies on Aug. 14, when the U.S. Department of Justice said it had found evidence of other companies being hacked. The new federal grand jury indictment, announced Wednesday, on multiple counts of wire fraud and computer fraud now makes that official.

The Justice Department did not reveal the companies hacked, saying only that they included “a state agency outside the State of Washington; a telecommunications conglomerate outside the United States; and a public research university outside the State of Washington.” The description does line up with a list of companies and government bodies that are speculated to have been targeted by Thompson: UniCredit S.p.A., Vodafone plc, Ford Motor Co., Michigan State University and the Ohio Department of Transportation.

The methodology in each case was the same as with the Capital One breach. “Thompson created scanning software that allowed her to identify customers of a cloud computing company who had misconfigured their firewalls, allowing outside commands to penetrate and access their servers,” the Justice Department said.

It is already known that the “cloud computing company” is Amazon Web Services Inc., where Thompson previously worked. The data, at least in the Capital One case, was allegedly stored on an AWS S3 storage instance.

The intent behind stealing the data remains unclear, with Thompson continuing to claim not to have sold, shared or disseminated any of the data. The data theft may ultimately have been a sideshow, however, to her main intent, since it has now been revealed that she installed scripts to mine for cryptocurrency.

As Geekwire pointed out, there had been previous hints that Thompson, who was also unemployed, had been involved in maliciously installing cryptomining scripts, a process referred to as cryptojacking. She is said to have written on Slack at one point that “I’ll be employed again soon and if I had a partner I could have them take over my cryptojacking enterprise and be a stay at home.”

Posting under an alias, Thompson is also said to have written June 26 that “for some reason [I] lost a whole fleet of miners all at the same time, so [I] think someone is onto me.” Thompson was arrested for allegedly hacking Capital One in July.

Unless a plea deal is forthcoming, fairly common in hacking cases, Thompson could be facing an awfully long time in jail if found guilty. Each of the charges in the new indictment carries penalties of up to 25 years in prison.

Photo: Billy Hathorn/Wikimedia Commons
