The woman charged with stealing 100 million people’s data clued in the FBI with bizarre boasts on Twitter, GitHub and Slack

by admin2

The suspect in the Capital One bank hacking that exposed information from 106 million people was identified because she boasted online, according to court filings submitted by federal prosecutors.

Capital One has disclosed that a March 22-23 breach affected 100 million people in the US and a further 6 million in Canada. A complaint filed Monday in Seattle identified the suspect as Paige Thompson, formerly a software engineer for Amazon Web Services.

An FBI special agent named Joel Martini detailed in the complaint against Thompson how he pieced together her identity from a series of online boasts.

Capital One was first alerted to the breach by a tip submitted to its security-disclosure email address. “There appears to be some leaked s3 data of yours in someone’s github / gist,” the tip said, providing a link.

Martini found Thompson’s full name on GitHub, the coding-collaboration service. He also found a link to a GitLab page containing a résumé describing Thompson as a “systems engineer” who had worked for Amazon AWS from 2015 to 2016.

Martini then determined that Thompson had set up a Meetup group with the online alias “erratic.”

Meetup is a social-media site where people join groups based on their interests. The Meetup group contained a code to join a Slack channel, where someone with the username “erratic” had boasted about the hack, prompting concern from one other user who wrote “don’t go to jail plz.”

Thompson is suspected of writing under the username “erratic.”
United States District Court for the Western District of Washington Seattle

Martini linked the Slack account to Thompson’s real-life identity after she posted a veterinary bill about a pet that listed her name and address, the complaint said. While the filing didn’t specify which pet, The New York Times found Thompson had posted on Meetup about taking her cat to the vet, which is corroborated by pictures posted on Twitter.

Martini was also able to find a Twitter account under the name “Erratic.” The tipster provided Capital One with a screenshot of Twitter direct messages from this account in which the user says: “Ive basically strapped myself with a bomb vest, fucking dropping capitol ones dox and admitting it.”

An image of the Twitter chat provided to the FBI by Capital One.

After amassing this evidence, Martini obtained a warrant to search Thompson’s home. Agents seized “numerous digital devices” and found files on them that referred to Capital One.

Thompson was subsequently charged with computer fraud and abuse, punishable by as much as five years in prison and a $250,000 fine.
