Security & Fraud

Capital One Hacker Indicted On Fraud, Theft Charges

The woman accused of one of the largest instances of corporate hacking in recent memory was indicted on charges of wire fraud and computer data theft on Wednesday (Aug. 29), according to a report by Reuters

A federal grand jury indicted 33-year-old software engineer Paige Thompson, a former Amazon employee, for the crime. More than 100 million people were affected by the breach.

Capital One stored its data with Amazon’s cloud division, called Amazon Web Services, and Thompson accessed the data from there. Thompson’s indictment cites more than 30 victims, which includes Capital One. The indictment didn’t name the other companies. 

Thompson is also accused of stealing computer power to mine cryptocurrency, which is a practice colloquially known as cryptojacking, the indictment said. 

Thompson is in government custody and faces up to 25 years in prison if she is convicted. The theft of data was large, and 140,000 Social Security numbers and 80,000 bank account numbers were compromised. Thompson did not get names and addresses of customers, however. 

UniCredit, in a memo to its staff, said that an internal investigation showed no evidence that a recent data breach at Capital One involved any of its own data.

UniCredit said it was launching its own investigation after its name came up in a screenshot published by Krebs On Security in which Thompson claimed to hack other companies.

A source briefed on the issue said that UniCredit doesn’t store customer data on any Amazon servers.

Among the companies listed by Krebs on Security in the screenshot are software company Apperian, Ford, Global Garner, Identiphy, UniCredit and Infoblox.

The website reached out to many of the companies, and it heard back from Infoblox.

“Infoblox is aware of the pending investigation of the Capital One hacking attack, and that Infoblox is among the companies referenced in the suspected hacker’s alleged online communications,” the company said. “Infoblox is continuing to investigate the matter, but at this time there is no indication that Infoblox was in any way involved with the reported Capital One breach. Additionally, there is no indication of an intrusion or data breach involving Infoblox causing any customer data to be exposed.”



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.