cancel
Showing results for 
Search instead for 
Did you mean: 

Hacker of Capital One hacked about 30 companies...

Auto Loans for ANY Credit Situation. Immediate Response.
Advertiser disclosure
Regular Contributor

Hacker of Capital One hacked about 30 companies...

https://thehill.com/homenews/news/457494-accused-capital-one-hacker-may-have-breached-30-companies-f...

Interestingly there isn’t a list I can find of the companies breached.
Message 1 of 3
2 REPLIES 2
Established Contributor

Re: Hacker of Capital One hacked about 30 companies...

The investigators haven't officially released the list of what they found at the apartment yet...

 

See the filing at: https://www.scribd.com/document/421860692/Thompson-New-Memorandum

 

"The government’s investigation over the last two weeks has revealed that Thompson’s theft of Capital One’s data was only one part of her criminal conduct. The servers seized from Thompson’s bedroom during the search of Thompson’s residence, include not only data stolen from Capital One, but also multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions, and other entities. That data varies significantly in both type and amount. For example, much of the data appears not to be data containing personal identifying information. At this point, however, the government is continuing to work to identify specific entities from which data was stolen, as well as the type of data stolen from each entity. The government expects to add an additional charge against Thompson based upon each such theft of data, as the victims are identified and notified."

 

...but 30+ companies looks like a major overstatement, based on the actual info listed on the Twitter and Slack accounts involved. (Not exactly hard to find...)

 

There appear to be 30+ archive files involved, but many of them are clearly from the same organization, are duplicates, or contain very little data (although some of those small files may in turn contain passwords or keys to access other systems/data).

 

The individual in question has claimed they include Capital One, Vodafone, Michigan State, and the Ohio DOT.

 

Many of the files have fairly generic names, but the ones that may (or may not!) indicate other involved organizations include: "42lines.net", "apperian", "astem", "ford", "globalgarner", "hslonboarding", "identiphy", "infobloxcto", "iwcodeacademy", "safesocial", "starofservice", "unicredit", and "wakoopa".  Note that the names of the files do not necessarily indicate their true content, and some of the generically-named files may well contain additional organizations' data.

 

EQ8:850 TU8:850 EX8:850
EQ9:850 TU9:850 EX9:850
EQ5:809 TU4:789 EX2:819 - 2019-09-06
Message 2 of 3
Regular Contributor

Re: Hacker of Capital One hacked about 30 companies...

This is incredibly interesting. Thank you, @iv.
Message 3 of 3
Advertiser Disclosure: The offers that appear on this site are from third party advertisers from whom FICO receives compensation.