Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.


Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence


Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
LIVE TV DownloadNews18 App
News18 English
News18 » World
2-min read

US Woman Brags Online About Stealing Data From Over 100 Million Credit Cards, Arrested

Paige Thompson, 33, faces up to five years in prison and a $250,000 fine if convicted of on the charge of computer fraud.


Updated:July 30, 2019, 10:10 AM IST
US Woman Brags Online About Stealing Data From Over 100 Million Credit Cards, Arrested
Paige Thompson, 33, faces up to five years in prison and a $250,000 fine if convicted of on the charge of computer fraud.

Los Angeles: A tech engineer in the western US state of Washington was arrested Monday on charges of stealing sensitive data from more than 100 million credit card applications at financial heavyweight Capital One.

Paige Thompson, 33, a former Seattle technology company software engineer, was nabbed by FBI agents after she boasted about the data theft -- one of the biggest to hit a financial services company -- on the information sharing site GitHub, authorities said.

"The intrusion occurred through a misconfigured web application firewall that enabled access to the data," a statement by the US attorney's office in Washington said.

"On July 17, 2019, a GitHub user who saw the post alerted Capital One to the possibility it had suffered a data theft."

It said the Virginia-based bank that specializes in credit cards contacted the FBI after confirming the data theft, which took place between March 12 and July 17 of this year.

"According to Capital One, the data includes data regarding large numbers of (credit card) applications, likely tens of millions of applications," according to the criminal complaint.

In a statement, Capital One said the hack affected 100 million individuals in the United States and six million in Canada.

"Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of social security numbers were not compromised," the bank said.

'Sincerely apologise'

Thompson, who used the alias "erratic" in online conversations, allegedly posted several times about the theft on GitHub and on social media.

One posting on a Twitter account with the user name "erratic" read: "I've basically strapped myself with a bomb vest, fucking dropping capital ones dox and admitting it," according to the complaint.

Authorities said electronic storage devices containing a copy of the stolen data were recovered at her residence on Monday.

Capital One said some of the information in the applications stolen, such as social security numbers, is encrypted or tokenized. Other information including names, addresses, dates of birth and credit card history was not secured.

The company said it expects the breach to cost between $100 to $150 million in 2019. It added that free credit monitoring and identity protection would be made available to anyone affected.

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," Richard Fairbank, the company's chairman and CEO, said in a statement. "I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right."

Thompson faces up to five years in prison and a $250,000 fine if convicted of on the charge of computer fraud.

She was ordered held in jail Monday pending a detention hearing later this week.

News of the Capital One breach comes after US credit monitoring agency Equifax last week agreed to pay up to $700 million to settle a similar incident that hit the company in 2017, affecting nearly 150 million customers.

The penalty was the biggest ever in a data breach case and followed revelations that hackers had stolen the personal details of millions, including names, dates of birth and social security numbers.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

Subscribe to Moneycontrol Pro and gain access to curated markets data, trading recommendations, equity analysis, investment ideas, insights from market gurus and much more. Get Moneycontrol PRO for 1 year at price of 3 months. Use code FREEDOM.

Read full article
Next Story
Next Story

Also Watch


Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results