The Alleged Capital One Data Thief Accused of Crypto-Jacking
The woman recently arrested for stealing data from Capital One and other organizations is now facing additional charges of crypto-jacking, according to a new indictment filed on Wednesday.
Paige Thompson, 33, has been charged with wire fraud and computer fraud and abuse in connection to the cyber-attacks, with each charge carrying a potential prison sentence of up to 25 years.
The Capital One Data Breach
The details of Thompson’s alleged attack on Capital One, which led to a data breach affecting approximately 100 million customers and card applicants, are well-documented. As a former Amazon Web Services (AWS) employee, she reportedly used scanning software to target AWS customers with misconfigured firewalls, allowing her to access and steal sensitive data from their servers.
Crypto-Jacking Allegations
Aside from the data theft, the indictment also accuses Thompson of using the stolen computer access to engage in crypto-jacking activities, a scheme where cyber-criminals use stolen computing power to mine for cryptocurrency and profit from it.
Crypto-jacking has become a popular tactic among hackers looking to make money illicitly. In fact, recent reports suggest that North Korean state hackers used this method to generate funds for their missile and nuclear programs, amassing a staggering $2 billion.
Moreover, a group of nuclear power plant workers in Ukraine was recently arrested for attempting to use the facility’s supercomputer for crypto-mining.
Identifying Additional Victims
While investigators continue to uncover the extent of Thompson’s alleged crimes, the indictment revealed some of the organizations targeted by her activities. These include a state agency outside of Washington, a telecommunications conglomerate located internationally, and a public research university outside of Washington.
Law enforcement became aware of Thompson after she reportedly shared information with a GitHub user regarding the data breach at Capital One.
These new developments shed light on the sophisticated and multi-faceted nature of cyber-crime, where individuals like Thompson exploit vulnerabilities for personal gain through data theft and crypto-jacking.