07/31/2019 / By JD Heyes
Another day, another massive hack of personal data, thanks to the ongoing war against privacy and large corporations’ inability to protect our digitized information.
As reported by Zero Hedge, the latest hack of 100 million customers of Capital One was allegedly committed by a transgender male named “Paige Thompson,” 33, a former Amazon employee who may have a grudge against — you guessed it — capitalism.
The site noted that Thompson has displayed very erratic behavior of late online, including sharing some depression after euthanizing a pet, the Daily Mail added.
The British news site noted further:
A Seattle-based transgender former Amazon engineer has been arrested for allegedly hacking Capital One bank’s systems to steal data it was storing on Amazon’s Web Services cloud. …
A portion of that figure – 140,000 – also had their social security numbers obtained and 80,000 had their credit card details accessed.
The report noted that Thompson allegedly hacked the data sometime between March and July of this year after breaching the bank’s servers via a firewall misconfiguration. And while the information was stored on Amazon’s Web Services, the e-tailer behemoth claimed it wasn’t responsible because Thompson exploited Capital One’s systems in order to access the data.
For some reason, Thompson appears to have wanted to be caught because he/she left a trail of breadcrumbs online for investigators to follow, such as posting about the hack online and warning that he/she was facing jail time.
The motives for the hack remain unclear, said the Daily Mail, but Capital One said it did not appear to be financial in nature.
So, maybe just retaliatory. Or something. (Related: WHITE writer for NBC, Amazon, hopes for faster WHITE genocide.)
Both Capital One and the FBI said Monday that no customer money was stolen.
“The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019,” they said.
“Safeguarding applicant and customer information is essential to our mission and our role as a financial institution,” the bank added. “We have invested heavily in cybersecurity and will continue to do so.”
Apparently, not heavily enough.
After stealing the data, FBI officials said Thompson then posted the data to the Github site. He/she made his/her identity known to authorities by [intentionally] failing to adequately encrypt the IP address used in the hack, which had his/her full name.
Interestingly, Thompson’s online handle is “Erratic.” He/she once tweeted her “boy” is in Greece after being deported, and that he/she wanted to experience doctor-assisted suicide in Denmark.
He/she also wrote on Twitter to the Seattle Police Department and President Trump, “I would like to make good on the deportation initiative and surrender myself to detainment and deportment. I am in this country illegally, I just want to get this over with. What should I do?”
And: “I am a tuvaluan national and my country has not established diplomatic or former mission in the US. So, im not really sure what you expect me to do voluntarily but i am perfectly willing to leave asap if you can meet me halfway.”
As for Capital One, the banking firm that ‘invests so heavily in cybersecurity,’ Thompson’s hack marks the second one for the financial institution in two years.
“In July 2017, Capital One sent letters to an unspecified number of customers informing them that their data may have been compromised by one of the company’s employees,” the Daily Mail reported.
And, of course, Capital One isn’t the only financial institution or corporation that has been hacked. It happens all the time, and yet, as a society, we continue rushing to digitize as much of our society as possible, despite the fact that we can’t protect anyone’s privacy anymore.
Sources include:
Tagged Under: Amazon, AWS, breach, Capital One, cloud, credit card records, criminals, cyber war, cybersecurity, cyberwar, Data, FBI, Glitch, hacking, personal data, privacy, security breach, transgender
COPYRIGHT © 2017 COMPUTING NEWS