Accused Capital One hacker 'had no malicious intent,' insists friend
Paige Thompson is accused of stealing the financial records of over 100 million Americans, but a self-described longtime friend says the situation is significantly more complicated than it first appears.
The Department of Justice on Monday announced the arrest of Thompson, a 33-year-old former Amazon employee. Federal authorities alleged in a criminal complaint that she exploited a misconfigured firewall to access millions of Capital One customers' records via a cloud company's servers.
"She had no malicious intent and was not targeting anyone," her friend insisted.
We got in touch with the friend, who we are not identifying by name, via a now-deleted Slack workspace that appears to have been set up by Thompson.
In the workspace, someone going by the name of "erratic" — who the DOJ alleges is Thompson — can be seen discussing files reportedly related to the Capital One hack. A screenshot of this conversation is included in the DOJ complaint, and we were able to find the same conversation in one of the Slack channels we accessed.
The Slack conversation included in the criminal complaint.Credit: screenshot / dojThe friend, who told Mashable they work in educational IT and software, says they have spoken with Thompson every day "for the last couple of years." The friend sent us logs of past conversations with Thompson, dating back to June 2018, as proof of their friendship. While we were unable to independently verify the logs, they appear genuine.
Importantly, the friend explained over Slack and Signal that Thompson had attempted to report the vulnerability she allegedly exploited — but no one listened.
"She went to prominent infosec community members to release it responsibly and they laughed at her and did not take her seriously," the friend wrote.
A screenshot, taken by Mashable, of the now deleted Slack.Credit: Screenshot / slackThe friend named a specific member of the information security community who Thompson allegedly attempted to notify, and we reached out to that person in an attempt to verify the claim. As of press time, we have not heard back.
The specific Slack channel within the workspace where the hack was discussed had the topic set to "Never give up on your dreams."
"Paige is a gifted and intelligent woman," the friend continued. "She was very curious and had a lot of time as she was not employed, and she was merely looking for nonsecure public HTTP servers and ended up in this mess."
The DOJ alleges Thompson discussed the hack in the public Slack workspace, as well as posted details of the breach to a GitHub page connected to her real name.
When asked if Thompson attempted to notify Capital One of the vulnerability, the friend said they didn't know. We reached out to Capital One, but haven't heard back as of press time.
SEE ALSO:Exasperated officials use pineapple pizza to explain Russian election interference"Had this been released through appropriate channels and she had not been laughed at by certain ppl in the infosec community she would be heralded as someone that brought to light vulnerabilities that the companies KNEW about and did not protect," the friend continued. "To me the real failing is on the company that did not protect their client data and allowed poorly configured servers to be in production."
If convicted, Thompson faces up to five years in prison and a $250,000 fine.
Featured Video For You
Presidential candidate Beto O'Rourke’s teenage hacker life
-
Cicadas love to land on people. Experts explain why.N. Korea rebukes redeployment of US aircraft carrier to East SeaFormer Prime Minister Lee WanNew Xiaomi phone will have a 108Apple finally sends out payments for MacBook's butterfly keyboard settlement25 Years Later: A Brief Analysis of GPU Processing Efficiency我市举行民营企业税收政策宣传培训会Yes, Twitter was downDNC 2024 speech: Barack Obama and Michelle Obama have a superpower no other Democrat has.For Biden and Trump volunteers, Zoom is a crucial tool
下一篇:US to oppose North Korean worker dispatch to occupied Ukrainian territory: State Dept.
- ·13 Places to Find Little Legends and Compact Cryptids
- ·Google Pixel 4's face unlock will get more secure but not straight away
- ·Elon Musk describes Tesla pickup as 'armored personnel carrier from the future'
- ·Elizabeth Smart kidnapper to be released early, parole board rules
- ·Garmin Fenix 8 vs. Apple Watch Ultra: The Fenix wins big on battery life
- ·Apple's iPhone 12 launch was like a 'Black Mirror' episode without the plot
- ·11 gifts to get kids interested in STEM
- ·Can Facebook's News tab fix the problems News Feed created?
- ·Tesla Robotaxis aren't coming in August, it seems
- ·深化纪检监察体制改革 持续释放治理效能
- ·How to (mostly) remove annoying Memoji from the iMessage keyboard
- ·大自然拥有疗愈人心的力量!波普艺术家吴膺铄为绿美广东代言
- ·NASA's new plan keeps Starliner astronauts in space until 2025
- ·HRW urges countries to join Beijing Games diplomatic boycott
- ·Satellite imagery shows flood damage at NK's nuclear test site: Beyond Parallel
- ·干净、整洁、有序农贸市场焕新颜
- ·Arshad Nadeem receives Hilal
- ·Slack problems: Messages not sending, completely down for some users
- ·Former Prime Minister Lee Wan
- ·名山区法院:开展禁毒宣传活动
- ·Ford can make your Mustang Mach
- ·TechSpot's Annual Guide to Buying a Used Graphics Card
- ·Here's why Google's Pixel 4 doesn't have 5G
- ·Elizabeth Smart kidnapper to be released early, parole board rules
- ·[Online Predators] Deepfake pornography haunts S. Korea
- ·Facebook finally bans anti
- ·NYT mini crossword answers for August 29
- ·揭阳桂岭教育加速“奔跑”!“组团式”教育帮扶携手筑梦
- ·The new specialty Reese's cups are perfect for the nuanced Reese's palate
- ·Women are thanking Chrissy Teigen for sharing her heartbreaking pregnancy journey
- ·50 Years Later: The Revolutionary 8008 Microprocessor
- ·N. Korea will only be more isolated if it continues provocation: Blinken
- ·深化纪检监察体制改革 持续释放治理效能
- ·For Biden and Trump volunteers, Zoom is a crucial tool
- ·共同推动雅安职工思想政治引领数智化发展工作做深做实
- ·Slack problems: Messages not sending, completely down for some users