Skip to content
Home » As a former aWS employee, he’s been found guilty of hacking cloud systems by Capital One bank

As a former aWS employee, he’s been found guilty of hacking cloud systems by Capital One bank

    Paige Thompson, 36 was ex-owner and operator of Amazon Web Services. She was convicted for stealing personal data from more than 100,000,000 people three years prior. Thompson was an engineer from 1996 to 2016.

     

    The District Court of Washington found Thompson guilty of seven federal offenses, including wire fraud. These charges could result in a 20-year sentence. Other charges, such as illegal access to a computer or damage to one, can lead to five years imprisonment. The jury found her not guilty for access device fraud and aggrieved identity theft.

    Thompson, who used the erratic username, created an AWS tool to identify fake accounts. Through her hacking, she was able to gain access to the accounts of more 30 AWS customers, including Capital One. Thompson mined cryptocurrency using some servers. The coins were then transferred to his wallet. Robert S. Lasnik, U.S. District Judge, will make the final decision regarding Thompson on September 15.

     

    Image Source: Pixabay.

    This incident raised the question of cloud security and misconfigurations. Capital One was fined 80% for exposing financial information to the public. To settle the customers’ costs, Capital One was fined 190 million dollars. Rapid7, a security firm, stated that cloud misconfigurations are causing complaints with a depressing frequency in a recent report.

    Researchers warned that someone could be actively involved in searching for cloud service configuration problems in the future. The right tools make it almost impossible for anyone to search for a breach in the cloud at large scale. However, they are not capable of getting the information or devices to meet the challenges. This means they cannot target your company when it comes down to uncovering unintentional misconfigurations that could expose sensitive data.

    Researchers recommend that companies invest in cloud security. They also suggest planning for cloud-safe and fault-tolerant configurations, and automating processes to track and correct errors. It was estimated that deconfiguring cloud systems caused damage of five trillion dollars in 2020. These figures are significantly higher.

     

     

     

    If you find any problems, select them with your mouse and hit CTRL + ENTER. Can you write better? We are always happy to collaborate with new authors.

    Source: