Paige A. Thompson, who has been accused of hacking into Capital One’s cloud and compromising the data of 100 million people, may have also hacked into upwards of 30 other companies, according to a Bloomberg report.
Thompson was arrested in July and has a past that includes threatening the lives of others and saying she would commit “suicide by cop,” according to information filed in court on Tuesday (Aug. 13). The filing is the first time the U.S. has revealed how many other companies were targeted.
“Thompson’s crime in this case — major cyber intrusions that resulted in the theft of massive amounts of data from what now appears to be more than 30 victim companies — only exacerbates the harm that Thompson has done, and the threat she would pose if released,” prosecutors said.
Prosecutors did not name any of the other companies involved.
“Although not all of those intrusions involved the theft of personal identifying information, it appears likely that a number (of intrusions) did,” the government said.
The government found “multiple terabytes” of stolen data from other countries, educational entities and institutions. It also said Thompson had said she would shoot up a social media company in California, although it isn’t known which one.
Capital One claims there is not a high likelihood the information was used for nefarious purposes. The U.S. also said it doesn’t think she sold the info or has another copy of it stashed away somewhere. However, the government also said Thompson has the technical know-how to sell the information if she did indeed have another copy.
“Even if she does not have another copy, Thompson’s technical sophistication means that she could commit additional cyber intrusions, thereby likely causing additional hundreds of millions of dollars of damage,” the U.S. said.