Signage appears on the outside of a Capital One Financial Corp. cafe branch in Walnut Creek, California, USA, Tuesday, July 18, 2017.
Bloomberg | Getty pictures
A former Amazon Web Services employee was convicted of hacking into Capital One and stealing data from more than 100 million people almost three years ago in one of the largest data breaches in the United States.
Paige Thompson, who worked for the software giant as an engineer until 201[ads1]6, was found guilty on Friday of seven federal crimes, including wire fraud, which carries up to 20 years in prison. The other charges, illegal access to a protected computer and damage to a protected computer, can be punished with up to five years in prison. A jury found Thompson not guilty of aggravated identity theft and fraud with access devices after 10 hours of deliberation, it is stated in a publication.
Prosecutors allege that Thompson, who worked under the name “uneven,” created a tool to search for misconfigured accounts on AWS. It allowed her to hack into the accounts of more than 30 Amazon customers, including Capital One, and retrieve that data. Prosecutors say Thompson also used her access to some of the servers to extract cryptocurrency that went to her own wallet.
“She wanted data, she wanted money, and she wanted to brag,” Assistant U.S. Attorney Andrew Friedman said of Thompson in closing arguments during the week-long trial.
Capital One in December agreed to pay $ 190 million to settle a class action lawsuit over the breach, in addition to a previous agreement to pay $ 80 million in regulatory fines. The data that was stolen includes around 120,000 social security numbers and about 77,000 bank account numbers, according to the complaint.
A lawyer representing Thompson did not immediately respond to a request for comment.
U.S. District Judge Robert S. Lasnik sentenced Thompson to Sept. 15.
Subscribe to CNBC on YouTube.