On Friday, a former Amazon network service engineer was charged with a large-scale hacker attack in 2019 and convicted of seven federal crimes in the U.S. District Court in Seattle.
Prosecutors showed how Paige Thompson built a tool to identify misconfigured AWS accounts and use them to access data from more than 30 entities, including AWS customer capital one. More than 100million capital one customers were affected. This is one of the biggest violations of a large financial services institution.
The jury found that Thompson had violated the computer fraud and abuse act. Last month, the Ministry of justice revised the charging policy under the act and said that “integrity security research should not be charged”. The act attracted people’s attention
Thompson was convicted of cable fraud, five counts of unauthorized access to protected computers and sabotage of protected computers. The lawsuit said that she used illegal access to earn income from the cryptocurrency mining software installed on the new server. Thompson was found not guilty of access device fraud and serious identity theft.
Nickbrown, an American lawyer, said in a press release: “Ms. Thompson used her hacking skills to steal the personal information of more than 100 million people and hijacked computer servers to exploit cryptocurrencies.”. “She is by no means an ethical hacker trying to help the company with computer security. She uses mistakes to steal valuable data and tries to enrich herself.”
From 2015 to 2016, Thompson worked as a system engineer at Amazon.
Capital one eventually paid a fine of $80million and $190million to resolve class action lawsuits related to hackers.
Thompson, 36, is scheduled to deliver his sentence on September 15. Wire transfer fraud may be sentenced to fixed-term imprisonment of not more than 20 years; Illegal access to the protected computer and damage to the protected computer will be punished for up to five years.