A former Amazon Web Solutions (AWS) staff was convicted of several crimes linked to one of the major US information breaches of all time.
Paige Thompson, 36, performing below the manage ‘erratic,’ would have received the particular data of much more than 100 million individuals in the infamous Capital One particular hack in 2019 using a instrument she constructed that searched for misconfigured accounts on AWS.
For context, the details breach prompted the enterprise to achieve a $190m settlement with afflicted prospects. More, the Treasury Department fined the business $80m for failing to guard consumer info.
After acquiring the details, the software package engineer would have then mined it and installed cryptocurrency miners on some AWS servers.
Based on these situations, a federal jury on Friday uncovered Thompson guilty of 7 federal crimes, including wire fraud, illegally accessing a shielded pc and harming a shielded personal computer.
“Ms. Thompson applied her hacking skills to steal the particular data of extra than 100 million people, and hijacked personal computer servers to mine cryptocurrency,” claimed US Attorney Nick Brown in a press release.
“Far from being an ethical hacker striving to help providers with their computer system security, she exploited errors to steal useful knowledge and sought to enrich herself,” he included.
She was identified not responsible, on the other hand, of aggravated id theft and access machine fraud following her attorneys argued that she struggled with psychological health and fitness issues and in no way intended to gain from the info she attained. Even further, they claimed there was no “credible or immediate proof that a one person’s identity was misused.”
At the same time, courtroom paperwork trace that the previous AWS computer software engineer invested hundreds of several hours advancing her plan, bragging about her unlawful carry out to some others by means of text or on the net message boards.
“She preferred info, she desired money, and she required to brag,” Assistant US Attorney Andrew Friedman stated in closing arguments.
Thompson’s ultimate sentence is envisioned on September 15, following Judge Lasnik considers the sentencing rules and other statutory components.
Wire fraud is punishable by up to 20 several years in prison, while illegally accessing a safeguarded laptop and harmful a safeguarded pc is punishable by up to five a long time.
Some pieces of this report are sourced from: