Article via: CNN Business
Paige Thompson is accused of breaking into a Capital One server and gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people’s names, addresses, credit scores, credit limits, balances, and other information, according to the bank and the US Department of Justice.
A criminal complaint says Thompson tried to share the information with others online. The 33-year-old, who lives in Seattle, had previously worked as a tech company software engineer for Amazon (AMZN) Web Services, the cloud hosting company that Capital One was using, the Justice Department said. She was able to gain access by exploiting a misconfigured web application firewall, according to a court filing.
Capital One (COF) said the hack occurred March 22 and 23 and includes credit card applications as far back as 2005. The company indicated it fixed the vulnerability and said it is “unlikely that the information was used for fraud or disseminated by this individual.” However, the company is still investigating.
The breach affected around 100 million people in the United States and about 6 million people in Canada, according to Capital One.
The full article can be found here.