Signs are displayed outside the Capital One Financial Corp coffee shop branch. in Walnut Creek, California, USA, on Tuesday, July 18, 2017.
Bloomberg | beautiful pictures
A former employee of Amazon Web Services is sentenced of the break into Capital One and stole the data of more than 100 million people nearly three years ago in one of the largest data breaches in the United States.
Paige Thompson, who worked for the software giant as an engineer until 2016, was found guilty on Friday of seven federal counts, including electronic fraud, which carry a sentence of up to 20 years in prison. Other charges, illegally accessing a protected computer and damaging a protected computer, carry a penalty of up to five years in prison. A grand jury found Thompson not guilty of aggravated identity theft and device fraud after 10 hours of deliberation, a release said.
Prosecutors argued that Thompson, who worked under the name “erratic,” created a tool to search for misconfigured accounts on AWS. That allowed her to hack into accounts from over 30 Amazon customers, including Capitalize oneand mine that data. Prosecutors argued that Thompson also used her access to several servers to mine cryptocurrency into her own wallet.
“She wants the data, she wants the money, and she wants to show off,” Assistant U.S. Attorney Andrew Friedman said of Thompson during the closing argument during the week-long trial.
Capital One in December agreed to pay $190 million to settle a class action lawsuit over violations, in addition to an earlier agreement to pay $80 million in regulatory penalties. The stolen data included about 120,000 social security numbers and about 77,000 bank account numbers, according to the lawsuit.
An attorney representing Thompson did not immediately respond to a request for comment.
U.S. District Judge Robert S. Lasnik delivered the verdict against Thompson on September 15.