Federal prosecutors this week charged a woman in Seattle with stealing data from more than 100 million loan applications filed with Capital One Financial Corp. Incredibly, much of this breach played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused and what this incident could mean for consumers and businesses.
On July 29, FBI agents arrested Paige A. Thompson on suspicion of downloading nearly 30 GB of Capital One loan application data from a rented cloud data server. According to Capital One, the incident affected approximately 1
This data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers of US consumers, as well as approximately 1 million Social Insurance Numbers (SINs) of Canadian credit card customers.
"Importantly, no credit card account numbers or credentials have been compromised and over 99 percent of social security numbers have not been compromised," said Capital One in a statement posted on its website. "The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 to early 2019," it says. "This information includes personally identifiable information that Capital One routinely collects at the time credit card applications are received, including names, addresses, postal codes, telephone numbers, e-mail addresses, birth dates, and self-reported earnings."
According to the FBI, Capital One learned of the theft from a tip sent via e-mail on July 17, which pointed out that some of the leaked data was being stored openly on the GitHub software development platform. That GitHub account was for a user named "Netcrave", and it includes the CV and name of one Paige A. Thompson.
The complaint does not explicitly name the cloud hosting provider that held the Capital One credit data. However, it notes that the accused's curriculum vitae states that she worked as a systems engineer at the provider between 2015 and 2016. That CV, available here on GitLab, reveals that Thompson's most recent employer was Amazon Inc.
Further research revealed that Thompson used the nickname "erratic" on Twitter, where she spoke openly over several months about finding huge stores of data that were supposed to be secured on various Amazon instances.
According to the FBI, Thompson also used a public Meetup group under the same pseudonym, where she invited others to join a Slack channel called "Netcrave Communications", which carried Erratic's posts about her private life, her interests and her online explorations. One of Erratic's more interesting posts on the Slack channel is a June 27 comment that lists various databases she found by hacking into improperly secured Amazon cloud instances.
This post suggests that Erratic may also have stored dozens of gigabytes of data from other major corporations:
Erratic also frequently posted to Slack about her struggles with gender identity, lack of employment, and persistent suicidal thoughts. In several conversations Erratic refers to operating a kind of botnet, though it is unclear how serious these claims were. In particular, Erratic mentions a botnet involved in cryptojacking, which uses code snippets installed on Web sites, often secretly, to mine cryptocurrencies. However, it is likely that at least some of this data could have been obtained by other people who followed her activities on different social media platforms.
"The attacker was a former contributor to the participating web hosting company, often referred to as an insider threat," said Ray Watson, a cybersecurity researcher with cloud security firm Masergy. "She reportedly used firewall credentials for web applications to get extended permission. The use of Tor and an offshore VPN for concealment is also common in similar data breaches."
"The good news, however, is that Capital One Incident Response has been able to respond swiftly as soon as they have been notified of a potential breach by their Responsible Disclosure Program, which many other companies are struggling with," he continued.
In Capital One's statement on the breach, the company's chairman and CEO Richard D. Fairbank explained that the financial institution has fixed the configuration vulnerability that led to the data theft and promptly began working with federal law enforcement.
"According to our previous analysis, we believe it unlikely that the information was used by that person for fraud or distribution," said Fairbank. "Although I'm grateful that the perpetrator was caught, I am deeply sorry. I sincerely apologize for the understandable concern that this incident must cause the person concerned, and work to make sure everything is put in order."
Capital One will notify affected individuals through various channels and provide free credit monitoring and identity protection to all concerned.
Bloomberg reports that Thompson collapsed in court on Monday and laid her head on the defense table during the hearing. She is charged with a single count of computer fraud and faces a maximum of five years in prison and a fine of $250,000. Thompson is being held in custody until her bail hearing, scheduled for August 1.
A copy of the complaint against Thompson can be found here.