Just yesterday, on Monday, July 29, 2019, Capital One Financial Corporation, a major credit card issuer and lender better known as Capital One, revealed in an official press release that someone had hacked into its database and perused the personal, sensitive data of roughly 100 million United States consumers who had applied for Capital One credit cards.
Although the company publicly acknowledged the breach yesterday, Capital One Financial Corp. first found out about it on July 19, 2019, roughly two weeks ago.
According to a criminal filing made yesterday, on Monday, July 29, by the Federal Bureau of Investigation (FBI) in the United States District Court for the Western District of Washington, which is located in Seattle, a 33-year-old Seattle resident by the name of Paige Thompson is said to have been directly responsible for the hack.
An anonymous whistleblower emailed Capital One on July 17 to report that some of its users’ personal information was being held on GitHub, a software development hosting site that is operated by the eponymous Microsoft subsidiary. The GitHub account that held the information also contained the resume of Paige Thompson, which was one of the pieces of evidence that the FBI used to charge Thompson with the federal cybercrime, according to Joel Martini, a special agent with the Federal Bureau of Investigation.
Further, Thompson left evidence in the form of several IP addresses that were found to be linked to IPredator, a virtual private network, or VPN, that is operated out of the Republic of Cyprus, an island nation in the Mediterranean Sea just south of the Middle Eastern nation of Turkey.
What’s even more damning for Paige Thompson is that those IP addresses were also linked to several posts made on Slack, a platform used for instant messaging, as well as Meetup, a web-based service founded in 2002 that is used to organize meet-ups in the real world.
According to the resume, Thompson worked at Amazon Web Services from May 2015 to Sept. 2016. It’s believed that Thompson got access to the roughly 100 million applicants’ information through unauthorized access to a server that sat behind an improperly configured firewall. Through the misconfigured firewall, Thompson was able to access Capital One’s bank of applicant data, which was held on Amazon’s cloud storage platform.
Also, according to FBI agent Martini, Thompson’s Twitter account contained at least one direct message in which she told another, uninvolved user that she planned on distributing the data she illegally acquired via the web.