Content |
_2022_Avatar.jpg){kind=avatar}
Biography
2022: Received a prison sentence due to the theft of data of 100 million customers
In early October 2022, a former Amazon engineer was convicted of seven counts of fraud after the personal data of more than 100 million bank customers was stolen from unsecured accounts on a cloud platform.
Page Thompson was arrested in July 2019 after Capital One alerted the FBI to the breach. The prosecutor's office claimed that she stole the personal data of more than 100 million customers of the company, including 140 thousand social security numbers and 80 thousand bank account numbers.
The controversially lenient sentence for Paige Thompson of a 5-year prison sentence, which the Justice Department called USA "disappointing," was handed down by a judge in Seattle. The judge in that case, Robert Lasnick, information for Siliconangle, was moved by Thompson's statement, which is transgender and suffers from mental health problems, arguing that she hopes to make a positive and meaningful contribution to society. Judge Lasnick, sentencing Paige Thompson to probation, said he was putting her reputation on the line that she would not commit new crimes.
In the case, prosecutors alleged that Thompson, using the nickname "erratic" on the Internet, created a tool for finding incorrectly configured AWS accounts. This allowed her to access the accounts of more than 30 AWS customers, including Capital One, and steal their data. Other companies and organizations Thompson gained access to included UniCredit S.p.A, Vodafone, Ford Motor, Michigan State University and the Ohio Department of Transportation. However, data theft was not Thompson's only alleged crime. It is also alleged that she used her access to AWS servers to mine cryptocurrency.
Capital One received an anonymous report of the breach in July 2019, warning the company that data taken from the bank's S3 storage facility had been leaked on GitHub. There was an "incorrect firewall configuration" in the S3 basket, the US Department of Justice said at the time. As of October 2022, the violation cost the American bank Capital One, one of 30 affected institutions, more than $270 million in compensation and for regulatory purposes.[1]
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |