Various news outlets report that Paige Thompson is accused of breaking into a Capital One server and gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people's names, addresses, credit scores, credit limits, balances, and other information.
Thompson tried sharing the information with others online by posting the information on GitHub, using her full first, middle and last name and boasting on social media that she had Capital One information. She even In a channel explained how she accessed Capital One on Slack, a chat service used by businesses as well as other groups, using a special command to extract files in a Capital One directory stored on Amazon's servers.
Thompson made little effort to disguise her identity, using the screen name "erratic" on Slack, which was the same handle she used on a Twitter account and a Meetup chatroom page. Thompson also reportedly tweeted that she wanted to distribute Social Security numbers along with full names and dates of birth.
Thompson previously worked as a tech company software engineer for Amazon Web Services, the cloud hosting company that Capital One was using. Thompson was arrested on Monday of this week. Capital One indicated it fixed the vulnerability and that it is "unlikely that the information was used for fraud or disseminated by this individual."
Watch the CBS News video below for the full story.
Posts
0 comments:
Post a Comment