capital one credit card hack paige adele thompson

David Cardinez/Shutterstock @0xA3A97B6C/Twitter

Capital One hacker stole data on up to 100 million people

The alleged hacker faces up to five years in prison and a $250,000 fine.

 

Andrew Wyrich

Layer 8

Published Jul 30, 2019   Updated May 20, 2021, 7:45 am CDT

A 33-year-old former software engineer was arrested on Monday for allegedly hacking into Capital One Bank’s network and stealing information about approximately 100 million people.

The United States Attorney’s Office for the Western District of Washington announced on Monday that Paige A. Thompson, known as “erratic” online, was arrested on Monday. She is charged with one count of computer fraud and abuse.

Authorities allege that evidence was left on GitHub that linked Thompson to the hack. She also “made statements on social media fora evidencing the fact that she has information of Capital One, and that she recognizes that she has acted illegal,” according to a criminal complaint filed in Seattle.

The FBI found a Slack channel where “erratic” posted about the information and a direct message on Twitter where she told another user: “I’ve basically strapped myself with a bomb vest, fucking dropping capitol ones dox and admitting it. I wanna distribute those buckets i think first. There ssns… with full name and dob.”

The New York Times reports that Thompson used to work at Amazon Web Services, which hosted the Capital One servers that were infiltrated. Capital One says the breach was discovered on July 19.

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” Richard D. Fairbank, the founder, chairman, and CEO of Capital One, said in a statement. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

According to Capital One, “no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.”

The bank also said that “it is unlikely that the information was used for fraud or disseminated by this individual.”

Thompson faces up to five years in prison and a $250,000 fine.

READ MORE: 

Got five minutes? We’d love to hear from you. Help shape our journalism and be entered to win an Amazon gift card by filling out our 2019 reader survey.

Share this article
*First Published: Jul 30, 2019, 9:09 am CDT