|
The
breach at Capital One between March and July was revealed late
last month and stemmed from Capital One's decision to store data
in Amazon's <AMZN.O> cloud unit, called Amazon Web Services (AWS),
where a former employee named Paige Thompson managed to access
its data.
Thompson's indictment cited more than 30 victims of data
intrusion and theft, including Capital One, the DOJ said http://bit.ly/32eBGPE,
adding that the case is now headed for a federal court in
Seattle.
The DOJ did not identify other companies whose data was
allegedly breached by Thompson. However, it mentioned that some
of the victims included a state agency outside the state of
Washington, a telecommunications conglomerate outside the United
States and a public research university outside Washington.
Thompson not only stole data, but also used stolen computer
power to mine cryptocurrency for her own benefit, a practice
known as "cryptojacking," according to the indictment.
The 33-year-old software engineer made her initial appearance in
a federal court in July. She remains in custody and her charges
in the indictment carry penalties of up to 25 years in prison,
according to the statement.
The data breach at Capital One resulted in the exposure of names
and addresses of customers, the company said last month. The
hacker did not gain access to credit card account numbers, but
about 140,000 Social Security numbers and 80,000 linked bank
account numbers were compromised.
(Reporting by Kanishka Singh in Bengaluru; editing by Gopakumar
Warrier)
[© 2019 Thomson Reuters. All rights
reserved.] Copyright 2019 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
