Paige Thompson found guilty in 2019 Capital One data breach
Paige A. Thompson has been convicted in the Capital One data breach that affected more than 100 million customers in the U.S. and Canada.
An anonymous email sent to Capital One fueled the FBI's investigation and led to Thompson's arrest in July 2019. The FBI traced a GitHub post that contained the stolen data as well as social media statements made by the former AWS engineer.
A jury in the U.S. District Court in Seattle found 36-year-old Thompson guilty of wire fraud, five counts of unauthorized access to a protected computer, and damaging a protected computer.
The DOJ also revealed steps leading up to the network intrusion. Though she left Amazon years before the hack, the DOJ said while employed at the company, Thompson built a tool she used to scan AWS' cloud platform for misconfigured accounts.
"With some of her illegal access, she planted cryptocurrency mining software on new servers with the income from the mining going to her online wallet."
Additionally, the press release emphasized how Thompson "bragged" about her illegal actions through texts and online forums under the alias "erratic." The DOJ also said she spent hundreds of hours advancing her scheme, which cost Capital One hundreds of millions in lawsuits.
简单说下吧,这个亚马逊的码农在离职前往亚马逊的云服务器上塞了个木马,然后在云上挖矿塞进自己钱包里,另外她还扫描云上有漏洞的账户,结果抓了Capital One的大瓜。而且她没事还在社交媒体上说自己干了一票。