The former Amazon engineer charged with hacking into Capital One’s databases and gaining access to customer and applicant information pleaded not guilty to counts of wire fraud and computer fraud Thursday.
Paige Thompson’s plea paves the way for a trial to begin in the case Nov. 4. The Seattle Times reported that the trial date will likely be delayed as the case is litigated. Thompson was arrested in July for allegedly perpetrating one of the largest breaches of a major financial institution, a hack that affected about 106 million people in the U.S. and Canada.
Authorities say Thompson, also known as “erratic” online, faces up to 25 years in prison if found guilty of the charges.
A federal grand jury indicted Thompson in August, alleging she illegally accessed data from customers of a cloud computing company by exploiting misconfigured web application firewalls on their cloud servers. The identity of the cloud computing provider was not mentioned, but Amazon has been named in lawsuits related to the breach that allege the tech giant is also culpable for the breaches.
The indictment also revealed that Thompson mined cryptocurrency after allegedly infiltrating the cloud servers of Capital One and more than 30 other companies. Other hacking victims include a state agency, a foreign telecommunications conglomerate, and a public research university
Thompson allegedly used software to identify companies whose firewalls were vulnerable to outside commands. She then sent requests that returned the security credentials of customers with access to data on the servers. The indictment says Thompson concealed her location and identity using virtual private networks and The Onion Router, aka Tor, software for anonymous online communication.