Paige Adele Thompson has been identified as the suspect accused of hacking into Capital One’s system, accessing credit card applications and compromising the personal data of more than 100 million people.
Capital One revealed the massive data breach in a news release on July 29, 2019. The bank says it does not appear that the hacker had used the stolen information for fraudulent purposes, but investigators will continue to look into it.
Thompson was arrested by FBI agents in Seattle and faces a federal charge of computer fraud and abuse. The FBI says Thompson appeared to brag about the hack online, which helped lead investigators to her.
Thompson’s roommate, Park Hung Quan, was also arrested after admitting to FBI agents that a large arsenal of weapons found inside the house belonged to him. The court documents in Quan’s case reveal that, according to prosecutors, Thompson had threatened to commit a mass shooting at a social media company in May of 2019, and had also threatened to commit suicide-by-cop.
Here’s what you need to know about the Capital One hack.
1. Approximately 140,000 Social Security Numbers Were Compromised in the Hack
If you use Capital One or recently applied for a credit card, keep a close eye on your accounts just in case. The Virginia-based bank explained that the data breach impacted more than 100 million credit card applications in the United States and another 6 million in Canada.
It’s also estimated that approximately 140,000 Social Security numbers were compromised. The bank account numbers of about 80,000 customers were also put at risk.
In a news release, Capital One explained that the “largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.”
Capital One’s CEO, Richard Fairbank, added, “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”
The bank says neither credit card numbers nor log-in credentials appear to have been compromised.
2. FBI Investigators Tracked Down Paige Thompson Via Various Online Platforms
Paige Adele Thompson is accused of hacking into a Capital One computer “without authorization” sometime between March and July of 2019. She obtained “information contained in a financial record of a financial institution and of a card issuer.”
According to the criminal complaint, the FBI honed in on Thompson after “information obtained from the obtrusion” was found on a GitHub page with Thompson’s name attached to it. A tipster had emailed Capital One on July 17, 2019, to alert them to the post. The message included a link to a file, that was confirmed to contain information for getting into Capital One systems.
The GitHub page was also linked to other sites belonging to Thompson, including on a resume she had uploaded.
The complaint added that Thompson often used the alias “erratic” on message boards and other online platforms. This served as another clue for investigators in tracking her online movements.
3. Paige Adele Thompson Appeared to Brag About the Hack Online
The FBI listed in the criminal complaint all of the online platforms investigators uncovered that appeared to lead to Paige Adele Thompson. The original GitHub profile linked to a GitLab page, which included Thompson’s resume.
Investigators further uncovered a Meetup group, a Slack channel and a Twitter account all affiliated with Thompson. The user “erratic” posted on the Slack channel on June 26, 2019, a list of files they possessed.
The complaint states that Thompson appeared to brag about the information she had accessed related to Capital One. The FBI agent wrote that Thompson had “made statements on social media fora evidencing the fact that she has information of Capital One, and that she recognizes that she has acted illegally.”
Above, you can see screen grabs included in the complaint. In one message written on June 27, Thompson wrote, “I wanna get it off my server that’s why Im archiving all of it lol … it’s all encrypted… I gotta find somewhere to store it.”
The FBI also included a screengrab from a Twitter post allegedly written by Thompson on June 18. It mentioned Capital One directly. “I’ve basically strapped myself with a bomb vest, f*cking dropping capitol ones dox and admitting it.” She then adds that she had social security numbers, along with full names and birth dates.
A Twitter account that appears to belong to Thompson is still active. You can see it here.
4. Investigators Seized Paige Thompson’s Digital Devices & Arrested Her on July 29
FBI investigators obtained a warrant to search Paige Adele Thompson’s home in Seattle and executed the search on July 29, 2019. According to the criminal complaint, Thompson was present along with five other people. CBS affiliate KIRO-TV in Seattle obtained video, embedded in the tweet above, of the moment agents arrived to search Thompson’s house.
Investigators seized several digital devices from Thompson’s bedroom. The complaint explained that “during the initial search of some of these devices, agents observed files and items that referenced Capital One and the Cloud Computing Company, other entities that may have been the targets of attempted or actual network intrusions, and “erratic,” the alias associated with Paige A. Thompson.”
Thompson was arrested and charged with computer fraud and abuse. According to Bloomberg, Thompson “broke down and laid her head down on the defense table” during an arraignment on July 29.
A bond hearing was held on August 1. Federal inmate records show that Thompson remains behind bars at a detention facility in Seattle. Thompson faces up to five years in prison and a $250,000 if convicted.
5. Paige Thompson Calls Herself the Chief Technology Officer of a Company Called Netcrave
Paige Adele Thompson described herself as a “Programmer, sysadmin, electronics enthusiast” on the GitLab profile mentioned in the third section of this article. Another profile states that she works at Netcrave Communications in Seattle. A search of online records brings up a now-deleted LinkedIn page that lists her occupation as “Owner / software engineer” at Netcrave. On a Meetup page, Thompson also described herself as the CTO of the company.
The resume that FBI investigators alluded to in the criminal complaint was easily found on Scribd, the online platform that allows for the sharing of documents. Thompson wrote on the resume that she worked for Amazon as a systems engineer in 2015 and 2016. Amazon Web Services hosted the Capital One server and is the “cloud computing company” referenced in the criminal complaint.
She also lists prior jobs as a software engineer at companies including ATG Stores Inc, ConnectXYZLLC and Seattle Software Systems. The resume states that Thompson attended Bellevue Community College but did not graduate because she left for a “career opportunity.”