The website named Paige Thompson, nicknamed Erratic, as the alleged hacker and detailed how she would go on messaging service Slack in a group with other supposed hackers. Krebs on Security joined the group and combed through months of posts.
“KrebsOnSecurity was able to join this open Slack channel Monday evening and review many months of postings apparently made by Erratic about her personal life, interests and online explorations,” the website said. “One of the more interesting posts by Erratic on the Slack channel is a June 27 comment listing various databases she found by hacking into improperly secured Amazon cloud instances. That posting suggests Erratic may also have located tens of gigabytes of data belonging to other major corporations.”
The website reached out to many of the companies, and it heard back from Infoblox.
“Infoblox is aware of the pending investigation of the Capital One hacking attack, and that Infoblox is among the companies referenced in the suspected hacker’s alleged online communications,” the company said. “Infoblox is continuing to investigate the matter, but at this time there is no indication that Infoblox was in any way involved with the reported Capital One breach. Additionally, there is no indication of an intrusion or data breach involving Infoblox causing any customer data to be exposed.”
Capital One Chairman and CEO Richard D. Fairbank said that he doesn’t think any of the stolen information was used maliciously.
“Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual,” Fairbank said. “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”