Capital One hacker took data from more than 30 companies, new court docs reveal

Paige A. Thompson, the hacker accused of breaching US bank Capital One, is also believed to have stolen data from more than 30 other companies, US prosecutors said in new court documents filed today and obtained by ZDNet.

"The government's investigation over the last two weeks has revealed that Thompson's theft of Capital One's data was only one part of her criminal conduct," US officials said in a memorandum for extending Thompson's detention period.

"The servers seized from Thompson's bedroom during the search of Thompson's residence, include not only data stolen from Capital One, but also multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions, and other entities."

US prosecutors said the "data varies significantly in both type and amount," but, based on currently available information, "much of the data appears not to be data containing personal identifying information."

Government hasn't identified/notified all victims

US officials said the investigation is still ongoing and the FBI is still trying to identify all the companies from where Thompson stole data they found on her home server.

"The government expects to add an additional charge against Thompson based upon each such theft of data, as the victims are identified and notified," prosecutors said.

The court documents don't list the names of any of the other 30+ companies that Thompson is believed to have hacked. However, according to previous media reports, this list might include companies such as Unicredit, Vodafone, Ford, Michigan State University, and the Ohio Department of Transportation.

Thompson, a former Amazon engineer, is believed to have breached AWS servers belonging to Capital One and the additional 30+ companies, from where she took proprietary information that she later stored on her home server. From Capital One alone, Thompson is believed to have taken the personal data of over 106 million Americans and Canadians.

After her arrest, Thompson told investigators that she did not sell or share any of the stolen data. In the new court documents, US officials said they haven't found any evidence to suggest that Thompson lied, which might reduce the extent of the 30+ breaches that she is accused.

As for the Capital One accusations, the US government believes it has a rock-solid case. "The evidence that Thompson committed this crime is overwhelming," officials said.

The court documents filed today, which argue for continuing to detain Thompson, also detail three stalking allegations, threats to "shoot up" a company's office, and threats to commit "suicide by cop" by pulling a fake gun on an officer and force the officer to shoot back. The US government also noted that Thompson's past behavior appears to be related to "a significant history of mental health problems."

The best beach reads for hackers in 2019

More data breach coverage:

• Spanish brothel chain leaves internal database exposed online
• Breach alert in South Korea after 1m card details were put up for sale online
• Voter records for 80% of Chile's population left exposed online
• State Farm says hackers confirmed valid usernames and passwords
  
• AT&T employees took bribes to plant malware on the company's network
• GitHub sued for aiding hacking in Capital One breach
• A hacker assault left mobile carriers open to network shutdown CNET
  
• 90% of data breaches in US occur in New York and California TechRepublic