Paige Thompson, who worked as an engineer at Amazon Web Services until 2016, was found guilty of seven crimes by the US District Court in Seattle. She is accused of electronic fraud, five episodes of unauthorized access to a protected computer and damage to a protected computer.
“Ms. Thompson used her hacking skills to steal the personal information of more than 100 million people and hack computer servers to mine cryptocurrencies,” Prosecutor Nick Brown said. “Not being an ethical hacker who tries to help companies establish computer security, she used security vulnerabilities to steal valuable data and sought to enrich herself.”
Thompson was arrested in July 2019 when Capital One reported the hacking to the FBI. The defendant wrote a tool that searched for incorrectly configured Amazon Web Services accounts. She managed to get the data of more than 30 clients of the service, among whom was a large bank Capital One. After discovering the victim, Thompson proceeded to steal personal data and install cryptocurrency mining software. As a result of the hacking, she managed to obtain the data of more than 100 million American clients of Capital One, which the accused boasted about in chat rooms and on Internet forums.
Thompson’s sentencing is scheduled for September 15, and she faces up to 20 years in prison for electronic fraud, and up to five years for each of the other charges.