The Spokesman-Review Newspaper
The Spokesman-Review Newspaper The Spokesman-Review
Spokane, Washington  Est. May 19, 1883
Current Temperature
61°F
Current Conditions
Clear sky
View complete weather report

Color Scheme

Subscribe now

Federal grand jury indicts woman in Capital One case

A man walks across the street from a Capital One location in San Francisco on July 16, 2019. Federal prosecutors say Paige Thompson, the woman accused of hacking Capital One and at least 30 other organizations, is a threat to herself and society, a flight risk and should be kept locked up until her trial. (Associated Press)
By Martha Bellisle Associated Press

SEATTLE – A former Amazon software engineer arrested last month on charges she hacked into Capital One bank and more than 30 other companies has been indicted by a federal grand jury on charges she not only broke into the company’s computer system, but also stole computing power for her own benefit.

Paige Thompson faces wire fraud and computer fraud and abuse charges in the indictment announced Wednesday. She’s scheduled to be arraigned Sept. 5. Her lawyer did not immediately respond to an email request for comment.

In addition to Capital One, the indictment identifies three other entities that were targets. They include a state agency and a public research university, both outside Washington state, and a telecommunications conglomerate located outside the United States.

Between March and July of this year, Thompson created scanning software that allowed her to identify customers of a cloud computing company that had misconfigured their firewalls, allowing someone to access their servers, according to the indictment.

Once she had access, Thompson stole data and used the computer power to “mine” cryptocurrency for her own benefit, a practice known as “cryptojacking,” the indictment said.

Officials say Thompson, 33, copied data from servers that Capital One rented from a cloud computing company, including personal information from about 100 million customers who had applied for credit cards from Capital One.

At least 40 lawsuits have been filed against Capital One Financial Corp., claiming the company failed to protect its customer’s personal information.

Thompson was arrested July 29 after she allegedly talked about the hack on the site GitHub. Another user alerted Capital One to her posts and the financial services company confirmed there had been a data intrusion, so it contacted the FBI. Investigators said they traced the hack to Thompson.

She was arrested and her electronic devices were seized from her home in Seattle’s Beacon Hill neighborhood. Investigators said they did not find any evidence that Thompson sold or disseminated any of the information she had gathered.

The charges carry penalties of up to 25 years in prison.

U.S. Magistrate Judge Michelle Peterson ordered Wednesday that Thompson remain in custody pending trial.

Peterson said after a detention hearing last week that Thompson is a safety risk to herself and others. The judge cited a Seattle police report alleging that Thompson threatened a social media office in California.

On May 21, the Mountain View Police Department opened a “terrorist threat” investigation after one of Thompson’s former coworkers reported that Thompson sent a message saying she was “going to California to shoot up (REDACTED) office I hope you are not there,” according to the report acquired by the Associated Press on Thursday.

The name of the social media company was redacted but the address was nearly identical to an address for LinkedIn. A message seeking comment from LinkedIn was not immediately returned.

Thompson’s lawyers later told the judge that Seattle police investigated the threat and concluded that she “had no monetary or transportation means to come to California.”