A former Amazon Web Services worker was convicted of hacking into the company's cloud servers to steal customer data and computer power that she used to mine cryptocurrency.
Following a week-long trial in Seattle, Paige A. Thompson, 36, was found guilty of seven federal crimes, including wire fraud, which carries a prison sentence of as long as 20 years, US prosecutors said Friday in a statement.
Prosecutors say Thompson, who went by the screen name "erratic," created a tool that searched for misconfigured accounts on Amazon Web Services. She was able to hack into the accounts of more than 30 Amazon customers, including Capital One Bank, and download the personal information of more than 100 million people, they said. Capital One disclosed the breach in 2019 and paid regulatory fines of more than $80 million, along with $190 million to settle customer lawsuits.
Aside from stealing data, Thompson planted mining software on servers that she used to harvest cryptocurrencies with the proceeds going to her online wallet, prosecutors say.
Thompson's lawyers didn't immediately respond to requests for comment.
She allegedly extolled her crimes in texts and online forums, which were shown at her trial. "She wanted data, she wanted money, and she wanted to brag," Assistant US Attorney Andrew Friedman said in closing arguments, according to the statement.
After deliberating for 10 hours, the jury found her guilty of wire fraud, unauthorized access to a protected computer and damaging a protected computer, according to the statement. She was found not guilty of access device fraud and aggravated identity theft.
US District Judge Robert S. Lasnik scheduled sentencing for Sept. 15.
The case is USA v. Thompson, 19-cr-00159, U.S. District Court, Western District of Washington (Seattle).