Former AWS Employee Convicted Of Hacking Into The Company’s Cloud Servers, Stealing Customer Data and Computer Power

Former AWS Employee Convicted Of Hacking Into The Company’s Cloud Servers, Stealing Customer Data and Computer Power

Federal charges are arising from a 2019 hack that exposed the accounts of 100 million credit card users and led to the conviction of a former Amazon developer this Friday.

The logo of AWS on a white background with black letters.

Paige Thompson was found guilty on seven counts of computer and wire fraud by a jury in Seattle. After eight days of testimony and one day of discussion, the decision was announced Friday afternoon.

Thompson, 36, was responsible for one of the greatest data breaches in US history in 2019 when she downloaded information from over 100 million Capital One users. The information contained around 120,000 Social Security numbers and approximately 77,000 bank account numbers.

Thompson, who worked as a systems engineer for Amazon Web Services but departed years before the attack, sought

clients with misconfigured firewalls to obtain that information. The authorities said that she subsequently took advantage of such flaws to mimic an authorized user.

Thompson’s data requests were completed because Capital One’s internal system identified her inquiries as coming from a “friendly” machine. Prosecutors claimed she allegedly installed cryptocurrency mining software on the computers of the firms, thus stealing their computing power to generate cash for her personal advantage.

Furthermore, Thompson was found guilty of wire fraud and six counts of computer fraud and abuse. She was found not guilty of access device fraud and aggravated identity theft.

Nick Brown, who serves the role of U.S. attorney for the Western District of Washington, had the following to say:

We’re thrilled with the verdict. Hopefully, it’s good deterrence for other people, like Ms. Thompson, who purport to be good-faith hackers, but who are in fact engaged in something far more dangerous.


Two opposing interpretations of the important word “without authority” were at the heart of Thompson’s case. Thompson was charged with breaching the United States Computer Fraud and Abuse Act, which makes it unlawful to knowingly access a computer “without authorization” or “exceeding allowed access.”

The prosecution highlighted in its closing arguments that Thompson did not have authorized access since she did not have specific authorization from Capital One or other compromised firms to examine and download their data.

The defense argued that Thompson’s activities were legitimate since the infiltrated organizations’ systems worked as expected, and anybody with access to a web browser could have done the same.

The administration used the analogy of concealing a home key beneath a door mat as a response. Someone may stroll around the neighborhood looking under every doormat for the key, but just because the key fits the lock doesn’t indicate the intruder has “permission” to enter the property.

The government also cited a sample of Thompson’s tweets, Slack conversations, and discussion board posts to show that she was a calculating hacker driven by money rather than a heroic “white-hat hacker” attempting to uncover and patch weaknesses in the firm’s online defenses.

Thompson’s counsel, federal public defender Mohammad Hamoudi, highlighted in closing arguments Thursday that, despite the fact that Thompson did not have a degree in engineering or computer science, computers allowed her to connect to people and places outside of her troubled home life. Thompson may feel lonely in the cold and impersonal world of computers, prompting her to act out.

He reminded the jury that Thompson’s pals testified about her frequently frantic communications, sent from the apt username “erratic,” and urged the members not to place too much weight on the government’s handful of example messages.

Thompson is still out on bail until her sentence later this year.

Manchester Cloud Hosting and Data Center Operator Teledata Launches New Premium Web Hosting Service  

For companies searching for a helpful approach to hosting their websites, Teledata, a Manchester-based cloud hosting and data center operator, has developed a premium web hosting solution.
1 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

Cloud Computing Is To Reach A New All-Time High in 2022

In 2022, investment in traditional IT equipment for data centers will finally be surpassed by spending on shared cloud IT infrastructure. With corporate customers spending $18.3 billion on cloud computing and storage infrastructure in the first quarter of 2022, up 17.2%  year over year, spending on cloud services is likely to reach another critical tipping […]
2 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

SiteGround’s New Data Center & CDN Location in Spain Deliver Faster Data Access and Reduced Networking Costs

SiteGround added a new data center facility in Madrid, Spain, to its global network on June 17, 2022. With less than a month of operation, the provider has confirmed the many benefits of a well-dispersed network and the importance of geography in web hosting.
3 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

The Search Volume For Free Web Hosting Reaches Its All-Time High In 2022

As individuals adjust to the severe economic downturn and the cost-of-living issue, the combined search for free website builders and free web hosting has reached its highest level in over two years.
1 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top