A Seattle jury has actually discovered Paige Thompson, a previous Amazon software application engineer implicated of taking information from Capital One in 2019, guilty of wire scams and 5 counts of unapproved access to a secured computer system. The Capital One hack was among the most significant security breaches in the United States and jeopardized the information of 100 million individuals in the nation, together with 6 million individuals in Canada. Thompson was apprehended in July that year after a GitHub user saw her post on the site sharing details about taking information from servers keeping Capital One info.
According to the Department of Justice, Thompson utilized a tool she constructed herself to scan Amazon Web Services for misconfigured accounts. She then presumably utilized those accounts to penetrate Capital One’s servers and download over 100 million individuals’s information. The jury has actually chosen that Thompson broke the Computer Fraud and Abuse Act by doing so, however her legal representatives argued that she utilized the exact same tools and approach likewise utilized by ethical hackers.
The Justice Department just recently changed the Computer Fraud and Abuse Act to safeguard ethical or white hat hackers. As long as scientists are examining or repairing vulnerabilities in “excellent faith” and aren’t utilizing the security holes they find for extortion or other harmful functions, they can no longer be charged under the law.
United States authorities, nevertheless, disagreed with the assertion that she was just attempting to expose Capital One’s vulnerabilities. The Justice Department stated she planted cryptocurrency mining software application onto the bank’s servers and sent out the profits directly to her digital wallet. She likewise supposedly extolled the hack on online forums.
” Far from being an ethical hacker attempting to assist business with their computer system security, she made use of errors to take important information and looked for to improve herself,” United States Attorney Nick Brown stated. Thompson might be sentenced with approximately 20 years of jail time for wire scams and approximately 5 years for each charge of unlawfully accessing a secured computer system. Her sentencing hearing is set up for September 15 th.
All items advised by Engadget are picked by our editorial group, independent of our moms and dad business. A few of our stories consist of affiliate links. If you purchase something through among these links, we might make an affiliate commission.