Federal grand jury indicts Paige Thompson on two counts related to the Capital One data breach – gpgmail


The Department of Justice said today that a federal grand jury has indicted software engineer Paige Thompson on two counts related to the Capital One data breach that affected over 100 million customers. The charges in the indictment carry penalties of up to 25 years in prison. Thompson will be arraigned in U.S. District Court in Seattle on Sept. 5.

Thompson allegedly created created software that allowed her to see which customers of a cloud computing company (the indictment does not name the company, but it has been identified as Amazon Web Services) had misconfigured their firewalls and accessed data from Capital One and more than other 30 companies.

Much of the information in today’s indictment was already included in the FBI’s criminal complaint filed in July. In the indictment, however, the Department of Justice includes the new allegation that Thompson used the cloud servers she allegedly breached for cryptojacking. Though Thompson had previously made references to cryptojacking, or stealing someone else’s processing power to mine cryptocurrencies, in Slack messages reported by Forbes, today’s indictment does not contain new evidence about why the Department of Justice is making those claims.

Research has found that cryptojacking may be on the rise, in part because many organizations do not have adequate security measures in place.

In its statement, the Department of Justice said it has identified some of the victims of the data breach, including a state agency and a public research university located outside Washington state and a telecommunications conglomerate outside of the U.S. The indictment did not name the victims, but security firm CyberInt has said that Vodafone, Ford, Michigan State University and the Ohio Department of Transportation may all be victims of the data breach, which also included 106 credit card applications and files copied from a cloud server by Thompson.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Equifax, Capital One and your stupid desire for justice – gpgmail


Hello, weekenders. This is Week-in-Review, where I give a heavy amount of analysis and/or rambling thoughts on one story while scouring the rest of the hundreds of stories that emerged on gpgmail this week to surface my favorites for your reading pleasure.

Last week, I talked about the Facebook FTC fine, the Sprint/T-Mobile deal getting approved, and the creeping feeling that decisive antitrust action was going to be fairly limited in scope.


Jaap Arriens/NurPhoto via Getty Images

The big story

There’s no rest for the wicked.

The very same week that users impacted by the Equifax breach were told they wouldn’t be receiving their full $125 settlement because too many people wanted it and not enough funds were put aside, we heard about a new awful hack, this time affecting Capital One and about 100 million of its customers.

Before delving into the blame game, I’d first like to call attention to their ingenious solution towards minimizing the fallout, by hoping affected parties didn’t read the bullet points in their statement.

Why does Capital One feel it gets to act this way? Because transparency still isn’t incentivized in any way during these data breaches and for these companies damage minimization is the true crisis, not making things better for consumers.

The FTC settlement with Equifax has left the stock price in the worrisome position of being within striking distance of an all-time high. The fact that consumer payouts were lowered because the FTC didn’t understand the full scope of consumers that knew they had been affected just adds insult to injury.

We likely still don’t know the extent of the damage from this breach, but we all understand the extent of the damage that Capital One may end up feeling — our anger and not much else.

Send me feedback
on Twitter @lucasmtny or email
lucas@Gpgmail.com

On to the rest of the week’s news.

Image via Getty Images / mrspopman

Trends of the week

Here are a few big news items from big companies, with green links to all the sweet, sweet added context:

  • Facebook is still working on a brain-computer link
    You might imagine that after all the privacy scandals have highlighted Facebook’s inability to cope with ethical concerns on existing platforms, Facebook may be a bit more reticent to build out future platforms, but you would be wrong! Facebook picked this week to highlight some of the progress of its non-invasive thought-to-text speech that it hopes will bring sophisticated input to AR headsets in the future. Read more here.
  • A Ninja disappears
    Microsoft, and you may not know this, runs a Twitch competitor called Mixer which it built on the back of its Beam acquisition. The platform received a lot more visibility this week when one of Twitch’s biggest stars, Ninja, announced he was going to be leaving the platform and streaming exclusively on the Microsoft-owned platform. I am deathly curious what the price of this deal was, shoot me an email if you have leads. Read more here.
  • Trump strikes at JEDI
    Maybe $10 billion isn’t what it used to be in the age of Softbank and decacorns being the new unicorns, but to Silicon Valley’s cloud titans, the government’s $10B JEDI cloud contract is huge. Trump also hates Jeff Bezos and is lobbying the DoD not to toss Amazon any favors. Read more here.

GAFA Gaffes

How did the top tech companies screw up this week? This clearly needs its own section, in order of badness:

  1. Apple reigns in Siri recording analysis after backlash:
    [Apple suspends Siri response grading in response to privacy concerns]
  2. Google gets busted over voice recordings as well:
    [Google ordered to halt human review of voice AI recordings over privacy risks]

Photo by Steve Jennings/Getty Images for gpgmail

Extra Crunch

Our premium subscription service had another week of interesting deep dives. The most interesting — of course — was what I wrote this week 🙂 I chatted with NEA’s GP Scott Sandell about his investments in both Salesforce and Tableau and about his 25-year career in VC.

Sandell: Well, I don’t know, I can’t speak for the industry because I think most firms are different. But at NEA, we intentionally hire and develop associates, and some of them become partners and general partners. So we have a long tradition in a systematic way of doing that.

Matney: Why do you favor that route?

Sandell: That’s a good question. I think, looking at it from the other side, we haven’t had a lot of success, hiring in very seasoned executives and turning them into investors, and I don’t think the industry has either. I think that that’s a fairly low-probability event that somebody that’s been the CEO of XYZ turns into a great investor.

Adding somebody as a general partner means that you’re going to commit a lot of capital to them before you know whether they’re any good, so they’re a much more expensive failure if they come in as a general partner and turn out not to be a good enough investor. You know, a lot of people come in that way and think they already know everything there is to know, they’re a little bit less likely to recognize that being an investor is an entirely different skillset. And while the experience they have can be informative to that and possibly very advantageous, it’s really a completely different game…

Here are some of our other top reads this week for premium subscribers. This week, we talked about “virtual beings” and how to handle exceptional talent at your startup.

We’re excited to announce The Station, a new gpgmail newsletter all about mobility. Each week, in addition to curating the biggest transportation news, Kirsten Korosec will provide analysis, original reporting and insider tips. Sign up here to get The Station in your inbox beginning this month.




10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something

Capital One hacked, over 100 million customers affected – gpgmail


Capital One was hacked, the company has disclosed. The breach was first discovered on July 19th.

A notice about the data breach is currently being broadcast from the company’s home page.

Here’s what we know so far:

  • Capital One believes the breach exposed credit card application data for those who’d applied between 2005 and 2019.
  • The company says this works out to roughly 100 million individuals in the US, and 6 million in Canada.
  • The data leaked potentially includes “names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income” of those who’d applied, as well as information like “credit scores, credit limits, balances, payment history, contact information”
  • Capital One is estimating that roughly 140,000 social security numbers were potentially compromised in the US, as well as 80,000 linked bank account numbers. In Canada, roughly 1 million Social Insurance Numbers were compromised.
  • Transaction data for “a total of 23 days” spread across 2016/2017/2018 was obtained

A notice from the US Department of Justice says that Seattle engineer Paige A. Thompson was arrested in connection with the breach this morning. The notice says that Capital One was alerted about the breach by a GitHub user who spotted another user posting about it on the site.


10 minutes mail – Also known by names like : 10minemail, 10minutemail, 10mins email, mail 10 minutes, 10 minute e-mail, 10min mail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe. Try tempemail and you can view content, post comments or download something