Paige Thompson mined cryptocurrency on Capital One's cloud servers and hacked more than 30 companies - indictment

Freshly unsealed indictment claims that Thompson developed her own scanning tool to identify cloud computing accounts' misconfigured firewalls

Paige Thompson, the alleged hacker behind the Capital One compromise, used the companies hacked servers to mine cryptocurrency. She is also accused of penetrating the security of more than 30 other organisations at the same time.

That's according to the freshly unsealed indictment, which alleges that Thompson "created scanning software that allowed her to identify customers of a cloud computing company who had misconfigured their firewalls", enabling Thompson to access their backend servers.

The indictment alleges that Thompson not only downloaded data, but also used her access to those servers to mine cryptocurrency "for her own benefit".

The Department of Justice hasn't revealed all the 30+ organisations that Thompson cracked but indicated that the victims include a public-sector agency and a university in the US, and a telecoms "conglomerate" outside the US.

The indictment continues: "Law enforcement became aware of Thompson's activity after she shared information with another user on the site GitHub relating to her theft of information from the servers storing Capital One data.

"On July 17, 2019, the GitHub user alerted Capital One to the possibility it had suffered a data theft. After determining on July 19, 2019, that there had been an intrusion into its data, Capital One contacted the FBI," the Department of Justice revealed in a statement. "Investigators have found no evidence that Thompson sold or disseminated any of the information she accessed," it added.

While Thompson downloaded sensitive customer information, the Department of Justice continues to assert that it has found no evidence that it was sold, exploited or shared more widely.

The Capital One security breach was publicly revealed in July. It exposed the personal information of 106 million Americans and Canadians. Thompson was arrested within days following a raid on her home.

Thompson was identified by a number of basic operational security mistakes that prosecutors claim definitively linked her with the Capital One compromise.

Updated, 9 September 2019, in response to below-the-line comment