Accused Capital One Hacker Stands Trial for Fraud and Identity Theft

Simply as Amazon shops tens of millions of bodily items in a dizzying array of warehouses, Amazon Net Providers hosts huge quantities of knowledge for different firms that hire area on its servers. Amongst its prospects was Capital One.

In early 2019, a number of years after she stopped working for Amazon Net Providers, Ms. Thompson looked for its prospects who had not correctly arrange firewalls to guard their knowledge. “Thompson scanned tens of tens of millions of AWS prospects searching for vulnerabilities,” Mr. Brown wrote in a authorized submitting. By March, she had found a vulnerability that allowed her to obtain knowledge from Capital One, the prosecutor added.

In June 2019, Ms. Thompson despatched on-line messages to a girl and disclosed what she had discovered, authorized filings mentioned. Ms. Thompson added she had thought of sharing the info with a scammer, and mentioned she would publicly reveal her involvement within the breach.

“I’ve mainly strapped myself with a bomb vest,” Ms. Thompson mentioned in copies of the web chat that had been included in court docket information, referring to her plan to publicly launch the info and expose herself.

The lady instructed that Ms. Thompson flip herself in to the authorities, prosecutors mentioned. A month later, the lady contacted Capital One and instructed the financial institution in regards to the breach. Capital One knowledgeable regulation enforcement officers, and Ms. Thompson was arrested in late July 2019. If convicted, she may face greater than 30 years in jail.

“The snapshots submitted by the federal government are an incomplete and inaccurate portrayal of a life extra pretty described as one in all survival and resilience,” Mohammad Ali Hamoudi, a lawyer representing Ms. Thompson, and different members of her authorized workforce wrote in a submitting. Ms. Thompson had sought psychological well being remedy, they added, demonstrating her resolve to confront her issues.

In 2020, Capital One agreed to pay $80 million to settle claims from federal financial institution regulators that it lacked the safety protocols wanted to guard prospects’ knowledge. The settlement additionally required the financial institution to work rapidly to enhance its safety. In December, Capital One agreed to pay $190 million to individuals whose knowledge had been uncovered within the breach, settling a class-action lawsuit.