UPDATE: Capital One data hacker breached 30 more companies
A former Amazon employee charged with stealing the data of American credit card company Capital One has also breached up to 30 more companies
In a memorandum filed in a federal court in Seattle, Paige Thompson, the woman accused of stealing the information of 106 million Americans from Capital One, was found to have made numerous “major cyber intrusions that resulted in the theft of massive amounts of data from what now appears to be more than 30 victim companies.”
While the data obtained from the Capital One hack included personal details, such as names, social security numbers, addresses and phone numbers, it is believed that the data Thompson retrieved from the other companies isn’t as personal.
It is understood that Thompson, who goes by the name “erratic” online, did not attempt to sell or share any of the data she stole from these companies. Among the companies involved are educational institutions and “other entities.”
US Attorney for Western Washington Brian Moran’s filing made mention of Paige Thompson’s significant “mental health issues,” saying that she poses a flight risk, and a threat to others if she is released. Moran calls for the detainment of Thompson while prosecutors tackle the evidence.
Online privacy has been in the spotlight recently, following a number of high profile data breaches and hacks.
From organisations’ poor security of customer data, including a serious biometrics breach found by vpnMentor and Facebook’s catalogue of errors, to direct hacks on companies to either profit from or expose flaws in their data handling, it seems as though each day presents new revelations in data security.
Deepfakes are now easier to make, becoming more widely used by fraudsters to obtain data. Recently, The FT reported that a company was swindled out of $10 million by thieves using deepfake technology and AI to impersonate a company executive.
The toolkit used by hackers is becoming more varied, and the increase in connected devices is allowing for new, weaker entry points into organisations’ information.
As the technology used for hacks becomes more sophisticated, and cheaper, companies must do more to safeguard their customers’ information with vastly improved governance.