Accused Capital One hacker stands trial on fraud and identity theft charges

84

Just as Amazon stores millions of physical goods in a staggering number of warehouses, Amazon Web Services hosts vast amounts of data for other companies that rent space on its servers. His clients included Capital One.

In early 2019, several years after she left Amazon Web Services, Ms. Thompson was looking for clients who had improperly set up firewalls to protect their data. “Thompson scanned tens of millions of AWS customers looking for vulnerabilities,” Mr. Brown wrote in a court filing. By March, she had discovered a vulnerability that allowed her to download data from Capital One, the prosecutor added.

In June 2019, Ms Thompson sent online messages to a woman and announced what she had found, legal filings say. Ms Thompson added she had considered sharing the data with a scammer and said she would publicly disclose her involvement in the breach.

“I basically strapped myself in a bomb vest,” Ms Thompson said in copies of the online chat attached to the court filings, referring to her plan to release the data publicly and expose herself.

The woman suggested that Ms Thompson turn herself in to authorities, prosecutors said. A month later, the woman contacted Capital One and reported the breach to the bank. Capital One notified law enforcement and Ms Thompson was arrested in late July 2019. If convicted, she could face more than 30 years in prison.

“The government-submitted snapshots are an incomplete and inaccurate portrayal of a life described more as one of survival and resilience,” Mohammad Ali Hamoudi, an attorney representing Ms Thompson, and other members of her legal team wrote in a filing . Ms Thompson has sought psychiatric treatment, they added, demonstrating her determination to face her issues.

In 2020, Capital One agreed to pay 80 million dollars Settling claims from federal bank regulators that it lacked the security protocols needed to protect customer data. The settlement also required the bank to work quickly to improve its security. In December, Capital One agreed to pay $190 million to individuals whose information was disclosed in the breach, in resolving a class action lawsuit.



Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.