Banner Top
Monday, December 23, 2024

A woman who worked as a software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of more than 100 million people, federal prosecutors said Monday, in one of the largest thefts of data from a bank.

The suspect, Paige Thompson, 33, left a trail online for investigators to follow as she boasted about the hacking, according to court documents in Seattle, where she was arrested and charged with one count of computer fraud and abuse.

Thompson, who formerly worked for Amazon Web Services, which hosted the Capital One database that was breached, was not shy about her work as a hacker. She is listed as the organiser of a group on Meetup, a social network, described as a gathering for “anybody with an appreciation for distributed systems, programming, hacking, cracking.” The FBI noticed her activity on Meetup and used it to trace her other online activities.

According to court papers and Capital One, Thompson stole 140,000 Social Security numbers and 80,000 bank account numbers in the breach.

In all, more than 100 million people in the United States and Canada were affected, the company said Monday.

The information came from credit card applications by consumers and small businesses made as early as 2005 and as recently as 2019, according to Capital One.

“Based on our analysis to date,” the bank said in a statement, “we believe it is unlikely that the information was used for fraud or disseminated by this individual.”

Amazon Web Services hosts the remote data servers that companies use to store their information, but large enterprises like Capital One build their own web applications on top of Amazon’s cloud data, to be able to use the information in ways specific to their needs.

The FBI agent who investigated the breach said in court papers that Thompson gained access to the sensitive data through a “misconfiguration” of a firewall on a web application that allowed the hacker to obtain customer files.

Amazon customers fully control the applications they build, it said, and Capitol One said in a news release that it “immediately fixed the configuration vulnerability” once it discovered the problem. Amazon said it found no evidence its underlying cloud services were compromised.

Banner Content

Message from the CEO

On Internatonal Women’s Day

The mankind will not exist if there is no woman on this planet .Nature gave this power to woman to carry the source of existence.In today’s world even there are lots of awareness and activities to protect the rights of women there are still many evidence of discrimination and abuse for women . Women are still facing difficulties to live a decent and happy life . The physical or gender differences should not matter , what is most important is that we are all human being and Humanity is above all .

TV Channel

img advertisement

FOLLOW US

YOUTUBE

Advertisement

img advertisement

Social

Advertisement

img advertisement