“She also suffered from depression and said online that her transitioning to a woman since age 22 may have contributed to her mental health problems.” – FOX NEWS
| Damages estimated at $200-300 million
| We’re learning more about the health of the alleged cyber thief in the Capital One data breach …
CBS News – Paige Thompson, a 33-year-old former Amazon employee from Seattle, has been arrested and charged by the FBI with stealing personal data belonging to more than 100 million Capital One customers.
Thompson, using an alias, boasted about the hack on social media, and appears to have obtained some information from several other companies, government entities and educational institutions, according to court documents.
Thompson’s resume lists eight different employers over a 12-year period, including positions with Amazon and a division of Lowe’s.
Paige Thompson, a former Amazon employee and accused hacker accused of stealing the personal data for more than 100 million Capital One customers, almost seemed to want to get caught. Mission accomplished.
Thompson, 33, was arrested on Monday after FBI agents searched her home and found files and information related to both Capital One and her former employer, according to a lawsuit filed by the Department of Justice.
Agents also found an online alias, “erratic,” allegedly connected to Thompson where she had posted online in late June about having information on “several companies, government entities, and educational entities,” according to the complaint.
Earlier that month, a Twitter account under the name erratic with a profile picture that appears to be Thompson wearing sunglasses, posted a direct message admitting she believed her actions were likely to be discovered.
“Ive basically strapped myself with a bomb vest, f***ing dropping capital ones dox and admitting it,” the message read. “I wanna distribute those buckets i think first.”
In court on Monday following her arrest, Thompson broke down and laid her head on the defense table, Bloomberg reported. A judge has ordered her to be held in jail. A bail hearing was set for later this week. Read more. (Coverage continues below … )
“This damage to Capital One is probably going to exceed $200 to $300 million dollars by the time it’s all said and done,” said Morgan Wright, cybersecurity expert and senior fellow at the Center for Digital Government, on Yahoo Finance’s The Ticker … [T[he costs will be “associated with customer notifications, credit monitoring, technology costs, and legal support.” – Yahoo! Finanace
PREVIOUSLY ON HEADLINE HEALTH:
More about the Capital One cyber incident
Capital One | Updated 5:45 PM ET, Wed July 31, 2019What happened
On July 19, 2019, we determined that an outside individual gained unauthorized access and obtained certain types of personal information about Capital One credit card customers and individuals who had applied for our credit card products.
What we’ve done
Capital One immediately fixed the issue and promptly began working with federal law enforcement. The person responsible was arrested. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate.
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
Safeguarding information is essential to our mission and our role as a financial institution. We have invested heavily in cybersecurity and will continue to do so. We will incorporate the learnings from this incident to further strengthen our cyber defenses.
What’s the impact
Based on our analysis to date, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada.
Importantly, no credit card account numbers or log-in credentials were compromised and less than one percent of Social Security numbers were compromised. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual.
The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.
Beyond the credit card application data, the individual obtained portions of credit card customer data, including:
- Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information
- Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018
The individual also obtained the following data:
- About 140,000 Social Security numbers of our credit card customers
- About 80,000 linked bank account numbers of our secured credit card customers
We will directly notify these customers through the mail.
For our Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised in this incident. We will directly notify all Canadian customers affected.
For our Canadian credit card customers, please visit our website at www.capitalone.ca/facts2019.
What are we doing to help
Free credit monitoring and identity protection is available to everyone affected.
We recognize that there may be questions or concerns and our customer service line is available at 1-800-227-4825. Source.
MORE OF TODAY’S TOP HEALTH NEWS: