Paige Thompson has an impressive resume. Although you dropped out of computer science studies at the College in Bellevue, however, a programmer from Seattle, has mastered about ten languages, knows all sorts of IT platforms, also on the subject of Internet protocols, and Cloud Computing technologies makes you so fast nobody.
With such a resume, so the speculation on a Web Forum for system administrators at Reddit, earn easily 100’000 dollars in a year. At your most recent employer, Amazon’s Cloud service AWS, it is likely to have no less than earned. In this respect, it is completely incomprehensible that such a gifted Person of the cyber crime turning. But that’s exactly what the 33-Year-old has done according to the order of a court in Seattle published a criminal complaint.
the banking Capital One have on 17. July via a dedicated E-Mail address to receive a notice that Thompson was in possession of stolen data to the Bank. The criminal complaint that has earned Thompson an incorrectly configured Firewall access to a Server of the Bank. There was, it is possible for an account with far-reaching privileges for the Cloud storage of the Bank to invest. The gap, which Thompson took advantage of, was closed, according to Capital One. The Cloud group is not mentioned in the ad, Thompson’s former employer, AWS, however, has already confirmed that the data stored there. The security mechanisms would, however, works as planned.
Equipped with the log-in privileges, was Thompson, the stored data and pots of the Bank, view and copied the contents. Has it all: It is data of 100 million Americans and six million Canadians, mostly of applications for credit cards, Including insurance numbers, names and dates of birth were social, information on the income and the credit rating of the applicant.
It was probably one of the biggest Hacks of a U.S. Bank
The evidence for the prosecution in this case is much easier than in the case of cyber-crime is common. While professional hackers would be after such a Coup your tracks carefully interwoven, boasted Thompson in various forums on the net with your fact. So Github clues to the theft, but also in a relatively easily accessible channel for the team, work platform, Slack, in which they found themselves not only in your account with the programmer-platform with other hackers being exchanged. There, investigators found, among other things, this exchange between Thompson and another user:
“Quite a dodgy thing, please don’t go to jail.” – “Don’t Worry. I > ipredator > gate > s3 in the whole thing. I want to get the stuff only from my Server down.”
“S3” is the program that Amazon uses for data storage. In the case of “IPredator” and “goal” are to the concealment of one’s own identity in the network. Thompson felt through the use of the Tools apparently safe from prosecution. On the same channel, the investigators found, however, a vet bill with the home address of the hacker. In the case of a house search for more information on the data theft occurred.
106 million data, so that the data theft Capital One is one of the largest Hacks of a US Bank that there was ever likely to. The affected customers, however, could have been a blessing in disguise had: There is currently no evidence to suggest that Thompson has distributed the data.
Created: 31.07.2019, 20:32 PM