Cap One Sanctioned For Lax Security, Hacker/Stalker To Face Trial

Capital One will pay $80 million to settle regulators’ claims that its cybersecurity protocols were lax and inefficient. A Seattle-based software engineer hacked into a cloud server and stole the bank’s customers’ social security numbers, account information and credit card applications. Capital One is required to present plans to improve its security procedures within the next three months, according to a separate regulatory filing by the Federal Reserve. The hacker was Paige Thompson, a former Amazon employee who bragged about breaking into an Amazon server in internet forums after leaving the company. She goes to trial in February. According to prosecutors, she stole data relating to more than 100 million Capital One customers, including 140,000 Social Security numbers and 80,000 bank account numbers. Most of the information taken involved credit-card applications. Former friends of Thompson say she was a troubled individual who discussed taking her own life, and eventually stalked and harassed people who tried to help her. Her résumé, which she shared in online forums, included skills in programming languages, scripts, networking and Amazon Web Services. People she knew personally recalled her struggles with gender transition and her difficulty associating with people professionally.