Threat Watch

FBI Makes Quick Arrest in Capital One Data Breach Following Social Media Posts

Erratic: A hacker going by the name “erratic” was arrested after she bragged online about compromising servers belonging to Capital One.  The online persona was tied back to a 33-year-old Seattle woman named Paige Thompson.  Thompson is a former employee of Amazon web hosting, which provided cloud-based services to Capital One.  Thompson was found to have compromised the details of 100 million U.S. customers and six million Canadian customers who opened accounts with Capital One between 2005 and early 2019.  The compromised data included phone numbers, email addresses, dates of birth, self-reported income, and Social Security numbers/Canadian Social Insurance Numbers.  The FBI first discovered information stolen from the bank in a GitHub repository on July 17th.  Capital One discovered the vulnerability in its systems on July 19th and immediately began remediation and engaged law enforcement.  Thompson had bragged on social media about the breach under her online persona of erratic.  The persona was later linked back to her through other posts that contained seemingly innocuous personal details, as well as an image of an invoice.  It was stated that Thompson had begun to share some of the stolen details with others online, but there is no further information at this time to indicate how widely the data was shared.

ANALYST NOTES

As with many similar breaches, depending on how much of the data was shared prior to Thompson’s arrest, it is possible that we will see the stolen data appearing online, especially on darknet marketplaces.