Former Amazon employee Paige Thompson was convicted by a jury of seven federal crimes, including electronic fraud and hacking. Software engineer breached financial services giant CapitalOne’s system in 2019 and stole personal information more than 100 million people.
Paige was found guilty under the Computer Fraud and Abuse Act. (The Computer Fraud and Abuse Act) prohibits a person from gaining unauthorized access to a computer system. However, he was not found guilty of identity theft and device access fraud related charges. Prosecutors said he used the bugs to “steal valuable data and enrich himself”, including using compromised servers to mine cryptocurrencies. His sentence will be announced in September.
Thompson worked in the cloud division Amazon Web Services It has reportedly created a tool to identify misconfigured cloud storage servers and gain access to data such as names, phone numbers, credit scores, limits, and balances. Most of CapitalOne’s information was stored in Amazon’s cloud.
According to official documents, it is also could access data from at least 30 other companies.
CapitalOne’s data breach acknowledged one of the biggest hacks of the decade In the United States, both because of the “size of the damage” and the sensitivity of the information stolen. CapitalOne’s chief of security was replaced shortly after the case went public, and in 2020 US federal regulators fined the organization $80 million for failing to adequately protect its customers’ data.
Subsequently, CapitalOne was ordered to pay approximately $200 million in a class action lawsuit.
Source: Tec Mundo
