In various online platforms, authorities say, the suspect is accused of hacking Capital One for what she had done: penetrating a vulnerability in the financial institution's database and compromising millions of customers.
Her joy continued even after she was communicating with warning that what she was doing was "drawn" and told her "do not go to jail plz", screenshots in a federal criminal complaint filed Monday show.
Ultimately, it was the electronic trail of brags – plus occasional mention of cats – that authorities said led them to Paige A. Thompson, a former Seattle software engineer who was arrested Monday in connection with the hacking, one of the largest the bank data breaches in history.
Thompson, 33, was arrested for allegedly hacking into a server rented by Capital One and collecting data for more than 100 million people. It was not clear if any of the information was provided to third parties, something authorities are looking at as part of their investigation. She was charged with a count of computer fraud and abuse and has up to five years in prison and a $ 250,000 fine.
At least once since March, Thompson allegedly gained access to the data through a misconfigured security feature and then posted it to GitHub, a platform commonly used for software development projects, the 12-page criminal complaint says.
In the complaint, FBI Special Agent Joel Martini detailed how the boast and other online clues, which appeared on GitHub, Twitter, the social network Meetup and the messaging platform Slack, quickly led him to Thompson, who once worked for Amazon Web Services.
The FBI was first notified of the breach when an unidentified person sent a message to Capital On's security hotline email address, informing companies that "there appears to be some leaked" data on GitHub. The URL of the GitHub page included Thompson's full name, including her middle name, Martini wrote. On the GitHub page was Thompson's resume with her home address.
Attached to the email from the tipster was a direct message from a Twitter account with the username "erratic" who wrote to the tipster on June 18: "I basically got caught with a bomb vest, f —– g dropped the capitol de dox and admitted it, "with" dox "referring to publishing private identifying information online. "I want to distribute these buckets I think first."
"Erratic" appeared to have been Thompson's username on multiple platforms. At Meetup, Martini found a group dedicated to chatting about hacking that listed "erratic" as the organizer. The group included an invitation to a Slack channel where a user, under the names "erratic" and Thompson's full name, seemed to boast of the intrusions they had committed.
"Sketchy s – t," someone else in the Slack channel, whose username was edited in the criminal complaint, responded June 27. "Don't go to jail plz."
Recent tweets from the "erratic" Twitter account contain some retweets of various technology-related accounts. They also mention having to put a dear pet to sleep: "I MISS MY CAT !!!!: ((" one said on July 25, July 23), one read : "Millie passed away about 3 : 15. It was the most painful. "Another tweet later in the day read:" She was [a] sweet and loving cat. "
Meanwhile in the Slack channel where the user by Thompson's name and" erratic "was posting, there were discussions about a pet as well. Sometime around July 19, the user with Thompson's name included an estimate from a veterinarian from the previous month who listed the same home address as Thompson's resume.
For Martini, this was confirmation that Thompson was the person who let under the two usernames, especially after reviewing photos posted on her Twitter that appeared to portray her as the same person shown in slack channel photos.
Authorities searched Thompson's home Monday and seized several digital devices, which agents found included files with reference is to Capital On e on them. Thompson was named a public defender, who did not immediately return a request for comment.
Capital One said in a statement that it would provide free credit monitoring and identity protection to all concerned.
"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Chairman and CEO of Capital One Richard D. Fairbank. "I sincerely apologize for the understandable concern this incident must have cause those affected, and I'm committed to doing it right. "