FBI Accuses The Capital One Hacking Suspect of 30+ Additional Data Breaches

Last updated September 28, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

As the Seattle Times reports, the federal agents that arrested a 33-year-old woman named Paige Thomson in her residence following the recent Capital One breach have found new evidence. As it appears from a fresh petition filed by the prosecutors, the same person is believed to be responsible for at least another 30 data breaches, as this became evident after an in-depth analysis of the server that Thompson operated from her bedroom. These hacks include attacks in other companies, educational institutes, and other entities. Still, the investigation is ongoing, so more details about Thompson’s activities will surface soon.

For now, Thomson faces charges of computer fraud and abuse, but the police have also seized a whole arsenal of weapons, ammunition, and even explosive material which reportedly belongs to her roommate, Park Quan. The petition proposes the detention of Thomson “as a danger”, touting the nature of the offense which the prosecutors deem as “tremendously serious”, as the hacker has actually committed one of the largest intrusions and data thefts ever. In addition to that, the FBI states that Thompson has a history of mental health issues and severely erratic behavior, making her non-appearance in court possible in the case that she is left undetained. Characteristically, it was unveiled that Thomson used the alias “erratic” herself.

As we reported two weeks ago, Capital One lost the data of 106 million of its customers, while the name of the hacker responsible had already been made known. However, the initial five years in prison and $250K in fines is a penalty that is very likely to be revisited now that the evidence burdens Thomson with more data cyber-thefts. However, the FBI points out that there’s no indication that the hacker had the time to make a profit out of this latest breach, as she was arrested on July 29, twelve days after the breach.

Still, GitHub, Amazon Web Services, and Capital One face an overwhelming amount of lawsuits that accuse them both of criminal facilitation. Right now, this number has grown to forty lawsuits in the United States and another eight in Canada. It is estimated that Capital One will have to pay around $150 million to handle the consequences and repercussions on all levels. Depending on the outcome of the lawsuits however, this amount may grow to a much bigger one.

Have something to comment on the above? Feel free to do exactly that in the comments section beneath, or on our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: