It's Not Just Swimming: Woman Shatters Hacking Glass Ceiling By Stealing 100 Million Capital One Customers' Data
Print Friendly and PDF

Earlier: Women Are Breaking Records On Jeopardy And In The Swimming Pool

The Patriarchy keeps women from pursuing lucrative careers in hacking into data systems and stealing personal records. But now, one woman, Paige A. Thompson, has smashed the digital glass ceiling and no doubt a tsunami of women hackers will follow. From the New York Times news section:

Fraud and Identity Theft Trial to Test American Anti-Hacking Law

A woman is accused of downloading data of more than 100 million Capital One customers. Her lawyers argue a conviction would criminalize legitimate research practices.

By Kate Conger
June 8, 2022

Nearly three years after the disclosure of one of the largest data breaches in the United States, the former Amazon [cloud services] employee accused of stealing customers’ personal information from Capital One is standing trial in a case that will test the power of American anti-hacking law.

Paige Thompson worked as a software engineer in Seattle and ran an online community for other programmers. In 2019, she downloaded personal information belonging to more than 100 million Capital One customers, the Justice Department said.

The data came from applications for credit cards, and included 140,000 Social Security numbers and 80,000 bank account numbers. She faces 10 counts of computer fraud, wire fraud and identity theft in a federal trial that began on Tuesday in Seattle.

… Ms. Thompson has pleaded not guilty, and her lawyers say her actions — scanning for online vulnerabilities and exploring what they exposed — were those of a “novice white-hat hacker.”

… Prosecutors said Ms. Thompson had planned to use the information she gathered for identity theft, and had taken advantage of her access to corporate servers in a scheme to mine cryptocurrency. But her lawyers have argued that Ms. Thompson’s discovery of flaws in Capital One’s data storage system reflected the same practices used by legitimate security researchers and should not be considered criminal activity.

… The Justice Department has argued that Ms. Thompson had no interest in helping Capital One plug the holes in its security and that she cannot be considered a “white hat” hacker. Instead, she chatted with friends online about how she might be able to profit from the breach, according to legal filings.

… But downloading thousands of files and setting up a cryptocurrency mining operation were “intentionally malicious actions that do not happen in the course of testing security,” Mr. Wisniewski said.

Ms. Thompson grew up in Arkansas, where she struggled to fit in but excelled with computers, according to court records. She dropped out of high school and made plans to move to Seattle, where she would eventually join a thriving community of technologists and begin a gender transition.


Never mind.

[Comment at]

Print Friendly and PDF