December 1, 2022


Put A Technology

Ex-Amazon Worker Convicted in Capital One Hacking


A previous Amazon engineer who was accused of thieving customers’ own facts from Funds 1 in just one of the largest breaches in the United States was observed guilty of wire fraud and hacking prices on Friday.

A Seattle jury observed that Paige Thompson, 36, had violated an anti-hacking regulation known as the Laptop or computer Fraud and Abuse Act, which forbids entry to a pc without authorization. The jury observed her not responsible of identity theft and accessibility gadget fraud.

Ms. Thompson experienced worked as a software program engineer and ran an on the internet local community for other staff in her market. In 2019, she downloaded personal details belonging to far more than 100 million Cash A single customers. Her authorized team argued that she had employed the same instruments and procedures as ethical hackers who hunt for program vulnerabilities and report them to companies so they can be mounted.

But the Justice Department explained that Ms. Thompson experienced never prepared to alert Capital A single to the troubles that gave her entry to customers’ details, and that she experienced bragged to her on-line pals about the vulnerabilities she uncovered and the information she downloaded. Ms. Thompson also employed her obtain to Funds One’s servers to mine cryptocurrency, the Justice Office explained.

“She needed knowledge, she required income, and she desired to brag,” Andrew Friedman, an assistant U.S. legal professional, reported in closing arguments.

Ms. Thompson’s circumstance attracted notice from the tech sector simply because of the expenses underneath the Computer Fraud and Abuse Act. Critics of the regulation have argued that it is much too wide and allows for the prosecution of so-termed white hat hackers. Previous month, the Justice Office informed prosecutors that they need to no for a longer time use the regulation to pursue hackers who engaged in “good-faith security study.”

The jury deliberated for 10 hours just before getting Ms. Thompson responsible of 5 counts of attaining unauthorized obtain to a safeguarded laptop and harmful a guarded computer system, in addition to the wire fraud rates. She is scheduled to be sentenced on Sept. 15.

A law firm for Ms. Thompson declined to comment on the verdict.

Money A single learned the breach in July 2019 soon after a woman who experienced spoken with Ms. Thompson about the data reported the difficulty to Money 1. Money A person passed the information to the Federal Bureau of Investigation, and Ms. Thompson was arrested soon just after.

Regulators said Capital Just one lacked the safety steps it necessary to safeguard customers’ data. In 2020, the bank agreed to pay back $80 million to settle individuals promises. In December, it also agreed to pay back $190 million to folks whose information experienced been uncovered in the breach.

“Ms. Thompson applied her hacking expertise to steal the particular facts of much more than 100 million people, and hijacked computer system servers to mine cryptocurrency,” stated Nicholas W. Brown, the U.S. lawyer for the Western District of Washington, in a assertion. “Far from being an moral hacker making an attempt to support providers with their personal computer security, she exploited mistakes to steal precious information and sought to enrich herself.”


Source website link