Lawsuits Pile Up For Cap One, Amazon Post Hack

Capital One and Amazon Web Services are being sued by customers due to the massive hack that impacted more than 106 million people, GeekWire reported.

Software engineer Paige Thompson, 33, allegedly boasted about the hack and left crumbs for investigators to follow. She formerly worked for Amazon Web Services, which hosted the Capital One database that was breached.

The hack has led to multiple lawsuits against Capital One. A similar one filed last week in California also included GitHub, which plaintiffs argued did not monitor and respond to hacked data on its website.

The newest lawsuit, which was filed this week in federal court in Seattle, also includes Amazon as a defendant. It argues that the company knew about the vulnerability exploited by Thompson and “did nothing to fix it,” and also violated Washington state’s Consumer Protection Act and Data Breach Disclosure Law.

“The single-line command that exposes AWS credentials on any EC2 system is known by AWS and is in fact included in their online documentation,” according to the complaint, GeekWire reported. “It is also well known among hackers.”

The suit also alleges the companies did not disclose the breach when they learned of it. The proposed class action suit includes plaintiffs from eight states and a nonprofit in Kentucky.

But Mark Bartholomew, a cyber law professor at the University at Buffalo’s School of Law, said that Capital One’s quick response, as well as reports that Thompson didn’t take advantage of the information she took, could hinder the lawsuits.

Although critics have said Amazon hasn’t done enough after the incident, the eCommerce giant said in a statement that none of its services were the underlying cause of the break-in. And Capital One has said that “this type of vulnerability is not specific to the cloud. The elements of infrastructure involved are common to both cloud and on-premises data center environments.”



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.