Hacker Downloaded Credit Card Apps, Social Security Numbers, and bank account information affecting more than 100 million people on Capital One's server, the bank announced on Monday. Authorities say they arrested a suspect, software engineer in Seattle's Paige Thompson, after she posted about the incident on social media, the New York Times reported.
"Basically, I strapped on a bomber jacket, dropped a capital dock, and admitted it," said prosecutors in Thompson, published in Slack, prosecutors.
Her posts on the Meetup social network initially alerted the FBI after the July 19 breach, according to the New York Times. There, Thompson led a group called the Seattle Varez Kiddie for "someone with appreciation for common systems, programming, hacking, cracking." Since then, they have been following her online activity on other Twitter and Slack accounts, where she is reportedly bragging about the hack. ,
Thompson has been charged with computer fraud and abuse and faces a maximum sentence of $ 250,000 fine and up to five years in prison, the BBC reported.
According to court documents, the FBI says the hacker took advantage of a "wrong firewall configuration" to disrupt the bank's server. Capital One attributed the incident to an exploited "configuration vulnerability" and said the hacker had handled 140,000 social security numbers and 80,000 bank account numbers. In total, the hyde compromised information affecting about 100 million people in the United States and another 6 million in Canada.
Bank CEO Richard D. Fairbank apologized for the incident in a statement Monday.
"I'm very sorry for what happened," Fairbank writes. "I sincerely apologize for the understandable concern that this incident should cause to those affected, and I commit to addressing it."
Following the data breach, Capital Capital offers free credit monitoring and identity protection to anyone affected,