A former Amazon employee, Paige Adele Thompson has been found guilty of wire fraud and data breaching. The software engineer performed a massive hack into Capital One bank and stole the personal information of over 100 million customers.
Paige Thompson who worked under the name “erratic,” was found guilty in July 17, 2019, of wire fraud, five counts of unauthorized access to a protected computer, and damaging a protected computer. The jury also acquitted her of other charges including access device fraud and aggravated identity theft. The data breach prompted Capital One to reach a tentative $190 million settlement with affected customers. The company was also fined $80 million by the United States Treasury Department for failing to protect it’s customers data.
The Attorney General of the U.S, Nick Brown, said “Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself.”
Nick Brown said that Thompson tried to mine cryptocurrency before she was arrested by the Federal Bureau of Investigation(FBI).Thompson extracted sensitive customer data that included social security numbers, date of birth, and addresses among other information. She also flaunted details of her through text messages and online forums.
Thompson joined Amazon in 2015 to work at Amazon Web Services, a division that hosted the Capital One data she breached. The next year, it was known that she had quit working for Amazon.
During her trial, Thompson’s attorneys argued that she never struggled with mental health issues and never intended to profit from the data she obtained. The attorneys stated in the court papers ‘there is no credible or direct evidence that a single person’s identity was misused.’
The U.S Department of Justice said she gained access to Amazon’s clients data which was which stored on their server and subsequently got access to Capital One Bank in March, 2019. According to the Department of Justice, she revealed information about the hack on GitHub where she was reported by a user to Capital One.
The assistant U.S attorney, Andrew Friedman, told the jury during her trial “She wanted data. she wanted money and she wanted to brag.”
The punishment or wire fraud can be up to 20 years imprisonment. The Department of Justice says Thompson faces 5 years imprisonment and she is to be prosecuted in September.
