By: Max Xu
Paige Thompson, a former amazon engineer, was found guilty of 7 counts of computer and wire fraud on Friday. After 8 days of testimony and a day of deliberation, the Seattle jury sentenced Thompson, 36, to 5 years in prison.
“We’re thrilled with the verdict,” said Nick Brown, U.S. attorney for the Western District of Washington. “Hopefully it’s good deterrence for other people, like Ms. Thompson, who purport to be good-faith hackers, but who are in fact engaged in something far more dangerous.”
Thompson’s data breach was among one of the largest in United States history. She downloaded private information, such as social security numbers and bank account numbers, from 100 million Capital One customers in March 2019.
Thompson’s legal team argued that she was using the same methods as ethical hackers who help companies find software vulnerabilities to fix them. However, the Justice Department stated that Thompson was not going to report the problems, and that she even used the Capital One’s servers to mine cryptocurrency for her own gain.
“She wanted data, she wanted money, and she wanted to brag,” assistant U.S. attorney Andrew Friedman, said in closing arguments. Thompson also told her online friends about her accomplishments hacking into the Capital One server, and she bragged on various social media platforms such as Twitter and Slack.
Capital One found out about the breach in July 2019, due to one of Thompson’s online friends reporting her to Capital One. Capital One immediately gave the information to the FBI, and Thompson was arrested soon after.
Regulators said that Capital One didn’t have enough security measures to protect customer information, so Capital One agreed to pay $80 million in 2020 to settle the claims, and another $190 million in December to pay those whose data was exposed by Thompson.
Articles: https://www.nytimes.com/2022/06/17/technology/paige-thompson-capital-one-hack.html
https://www.seattletimes.com/business/ex-amazon-worker-convicted-in-massive-capital-one-hack/
https://www.insider.com/ex-amazon-worker-convicted-of-hacking-capital-one-and-stealing-data-2022-6