A Seattle jury has stumbled on Paige Thompson, a worn Amazon tool engineer accused of stealing data from Capital One in 2019, responsible of wire fraud and 5 counts of unauthorized salvage admission to to a protected laptop. The Capital One hack used to be one of many largest security breaches in the US and compromised the data of 100 million other folks in the nation, along with 6 million other folks in Canada. Thompson used to be arrested in July that 365 days after a GitHub user saw her publish on the win location sharing information about stealing data from servers storing Capital One information.
According to the Division of Justice, Thompson veteran a tool she constructed herself to scan Amazon Internet Companies and products for misconfigured accounts. She then allegedly veteran those accounts to infiltrate Capital One’s servers and download over 100 million other folks’s data. The jury has made up our minds that Thompson violated the Computer Fraud and Abuse Act by doing so, however her lawyers argued that she veteran the an identical tools and manner additionally veteran by moral hackers.
The Justice Division no longer too long in the past amended the Computer Fraud and Abuse Act to present protection to moral or white hat hackers. So long as researchers are investigating or fixing vulnerabilities in “correct faith” and are no longer using the protection holes they discover for extortion or other malicious capabilities, they’ll now no longer be charged below the law.
US authorities, then again, disagreed with the assertion that she used to be finest trying to enlighten Capital One’s vulnerabilities. The Justice Division stated she planted cryptocurrency mining tool onto the bank’s servers and despatched the earnings straight to her digital wallet. She additionally allegedly bragged about the hack on online boards.
“A ways from being an moral hacker trying to assist corporations with their laptop security, she exploited errors to purchase precious data and sought to counterpoint herself,” US Attorney Slash Brown stated. Thompson would possibly perchance perchance perchance also very properly be sentenced with up to 20 years of penal complex time for wire fraud and up to 5 years for every label of illegally accessing a protected laptop. Her sentencing hearing is scheduled for September 15th.
All products instructed by Engadget are chosen by our editorial team, independent of our guardian company. Some of our tales include affiliate links. Even as you make a selection something thru the kind of links, we would possibly perchance perchance perchance also simply develop an affiliate commission.