Capital One hacker targeted multiple companies

(Image credit: Image Credit: Welcomia / Shutterstock)

Do you remember Paige A. Thompson, a hacker that was accused of hacking US bank Capital One? Well, further investigation has now determined that the bank wasn’t her only victim. In fact, she appears to have stolen sensitive data from more than 30 other companies.

According to new court documents, which have been seen by ZDNet, US prosecutors claim US bank Capital One incident was just “part of her criminal conduct”. When law enforcement agencies seized her servers during the search of her premises, they held “multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions and other entities”.

The same document says the “data varies significantly in both type and amount”, but it seems as it is not personally identifiable.

The names of the victim companies were not disclosed, however, the media are saying Unicredit, Vodafone, Ford, Michigan State University, and the Ohio Department of Transportation are most likely on that list.  

The prosecutors have said that the government expects to add additional charges against Thompson, for each theft incident.

Two weeks ago, it was reported that the American bank holding company Capital One has suffered a data breach that it has seen the data of more than 100 million people compromised.

The breach was first discovered on July 19 this year, when it was notified by a GitHub user after another user was found bragging about it. It believes that the data of everyone who applied between 2005 and 2019 is compromised, which means roughly 100 million people in the US, and some six million people from Canada.

The data that was taken includes “names, addresses, ZIP codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income”, but also “credit scores, credit limits, balances, payment history, contact information.”