October 3, 2023

A former AWS employee was convicted of multiple crimes connected to one of the largest US data breaches of all time.

Paige Thompson, acting under the handle ‘erratic,’ would have obtained the personal information of more than 100 million people in the infamous Capital One hack in 2019 using a tool she built that searched for misconfigured accounts on AWS.

The data breach prompted the company to reach a $190m settlement with affected customers. Further, the Treasury Department fined the company $80m for failing to protect customer data.

Advertisements

After obtaining the data, the software engineer would have then mined it and installed cryptocurrency miners on some AWS servers.

Based on these events, a federal jury on Friday found Thompson guilty of seven federal crimes, including wire fraud, illegally accessing a protected computer, and damaging a protected computer.

At the same time, court documents hint that the former AWS software engineer spent hundreds of hours advancing her scheme, bragging about her illegal conduct to others via text or online forums. 

Thompson’s ultimate sentence is expected on September 15, Wire fraud is punishable by up to 20 years in prison, while illegally accessing a protected computer and damaging a protected computer is punishable by up to five years.

Tags:

Leave a Reply

You may have missed

Industrial Control Systems and Vulnerability Management Process

October 2, 2023

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023
%d bloggers like this: