Paige A. Thompson, 33, aka “erratic” online, is charged with computer fraud and abuse after authorities said she took advantage of a misconfigured firewall to access the bank’s credit card customer data, the Department of Justice announced Monday.
Thompson made off with names, addresses, dates of birth and credit history information, as well as mostly encrypted Social Security numbers, according to the FBI.
So who is Thompson? According to her resume, she’s a Seattle area software engineer who has held various jobs in the past few years. The most recent job listed on her resume was a stint at Amazon S3 — Simple Storage Service — from May 2015 to September 2016. An Amazon Web Services spokesperson confirmed a former employee had been arrested in conjunction with the investigation, but said AWS “was not compromised in any way and functioned as designed.”
Thompson attended Bellevue Community College from 2005 to 2006, but dropped out in order to take a job, according to her resume. On her now-defunct website, Thompson wrote that she’s a self-learner but did want to go back to school someday.
On Twitter, Thompson identified herself as a transgender woman. She shared photos of her and mourned for the pet after it had to be put down. She also wrote about the difficulty of making friends.
Some of those details helped authorities confirm Thompson’s identity as the hacker “erratic,” including a post about taking her pet to a veterinarian, FBI special agent Joel Martini said in an affidavit.
Martini, who works on the Cyber Squad at the FBI’s Seattle Field Office, said Capital One learned of the intrusion after someone emailed them a link to Thompson’s GitHub page on July 17 with files that had apparently been stolen from the company.
In a Slack channel promoted by Thompson on the website Meetup, Martini said a user going by the name "erratic" claimed to have files taken from Capital One.
“Sketchy s---,” one user wrote. “don’t go to jail plz.”
"Erratic" replied with a description of how they avoided detection, in part by using the same VPN service whose IP address authorities said was used in the incident.
In a Twitter message obtained by the FBI, "erratic" said she had “basically strapped myself with a bomb vest, f---ing dropping capitol one dox and admitting it.”
The person wrote that the material included Social Security numbers with full names and birth dates. They appeared poised to spread the information online.
“I wanna distribute those buckets I think first,” they wrote.
A Capital One source told Fox News that the 100 million people affected by the hack include every existing customer, every previous customer and anyone who's ever applied for a Capital One card.
Capital One said it “immediately” fixed the issue that had been exploited after learning about the security breach. The company said no credit card account numbers or log-in credentials were compromised.
The company is already facing a lawsuit over the breach. A Connecticut man who said he’s a Capital One credit card customer filed a lawsuit Tuesday seeking class-action status in the federal court in Washington, D.C., Reuters reported.
On July 29, the FBI executed a search warrant at Thompson’s home. They seized numerous digital devices from her bedroom, including some with files that referenced Capital One and other possible targets of attempted or actual intrusions, as well as the "erratic" alias.
Thompson made her initial appearance in court Monday and a judge ordered that she be detained pending an Aug. 1 hearing.
If she’s convicted, Thompson faces as much as five years in prison and a $250,000 fine.