U.S. Jury Indicts Suspected Capital One Hacker on Wire Fraud, Data Theft Charges (Aug 29, 2019)
Following the conclusion of a federal grand jury investigation, formal charges have been filed against Paige Thompson, the suspected threat actor who obtained personal information of over 100 million people in a Capital One data breach between March and July 2019. Thompson, a former Amazon Web Services (AWS) software engineer, is charged with wire fraud and computer data theft. In late March 2019, Thompson created a program that scanned cloud customers for a specific web application firewall misconfiguration, ultimately exploiting the misconfiguration to extract account credentials for more than 30 victim databases, one of which was Capital One. The Department of Justice has not identified the other companies or agencies breached by Thompson. According to Capital One, approximately 140,000 Social Security numbers and 80,000 associated bank account numbers were compromised in the data breach.
Recommendation: Bank accounts, credit card numbers, and Social Security numbers should be protected with the utmost care and used only with vendors that you trust to handle your information in compliance with the relevant standards. Regular monitoring of financial accounts, in addition to identity protection and fraud prevention services, can assist in identifying potential theft of data.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users to identify potential malicious activity.