In the same blog post, Twitch stated that they were directly contacting those affected by the breach. On October 15, Twitch reaffirmed that no passwords, login credentials, credit card numbers, or bank information was leaked in the attack. In a blog post, Twitch stated that this data was exposed due to an error in Twitch’s server configuration. “Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them.” Though the attacker has not yet been identified, in their 4chan post they stated an activist motive: An unknown attacker posted 128 gigabytes of leaked files to a 4chan message board, including Twitch’s source code, earnings numbers for streamers, and more. On October 6, 2021, there was a major data breach to Twitch, a streaming platform owned by Amazon. October 2021: Hacker Leaks Twitch Data to 4chan Finding their security practices lacking, the Office of the Comptroller of Currency fined Capital One for $80 million, and the company paid out an additional $190 million settlement in a class action lawsuit.
Thompson could face up to 45 years in prison.Ĭapital One does not seem to have been free of responsibility for the incident. The jury found her not guilty of access device fraud and aggravated identity theft. attorney Andrew Friedman put it in his closing arguments, “She wanted data, she wanted money, and she wanted to brag.”Īfter ten hours of deliberation, a Seattle jury found Thompson guilty of wire fraud, as well as five counts of unauthorized access to a protected computer and damaging a protected computer.
Department of Justice argued otherwise, noting that Thompson failed to notify the companies she breached, bragged about the incident on hacker forums under the alias “erratic”, and profited from the breach by installing cryptomining software on many of the servers she hacked. The defense portrayed Thompson as an ethical hacker seeking to notify companies of vulnerabilities before bad actors could exploit them. All told, Thompson stole the personal information of over 100 million people, including names, dates-of-birth, and social security numbers. While working for Amazon Web Services, Thompson exploited her knowledge of cloud server vulnerabilities at Capital One and more than 30 other companies. In June 2022, former Amazon employee Paige Thompson was convicted for her role in the 2019 Capital One breach. June 2022: Former Amazon Employee Convicted for Capital One Breach
Below, we’ll go into more detail on the full history of Amazon breaches, starting with the most recent.
There have also been numerous breaches in Amazon Web Services (AWS) over the years, which you can read about in our article on AWS data breaches.
This leak included Twitch’s source code, streamers’ earnings numbers, and more, but does not appear to have compromised users’ login credentials or credit card information. Otherwise, the most recent known Amazon data breach happened on October 6, 2021, when an unknown hacker leaked sensitive data pertaining to Twitch, a streaming service owned by Amazon. The hacker in question used her insider knowledge of to hack over 30 companies and illegally access the personal data of over 100 million people. In June 2022, a former Amazon employee was convicted for her role in the 2019 Capital One breach.