The Seattle software engineer accused of illegally accessing more than 100 million credit card applications during a massive hack of Virginia-based Capital One also had stolen data from “more than 30 other companies,” according to federal prosecutors.
Federal agents seized servers from Paige A. Thompson’s bedroom that had “multiple terabytes” of stolen data from other companies or entities, including “educational institutions,” according to a memorandum filed by prosecutors Tuesday in U.S. District Court for the Western District of Washington.
“Although not all of those intrusions involved the theft of personal identifying information, it appears likely that a number of the intrusions did,” according to the memorandum. Prosecutors said they were still identifying all of the victims.
Thompson is likely to face new charges related to the additional alleged data thefts, according to the memorandum, filed by U.S. Attorney Brian Moran and Assistant U.S. Attorneys Andrew Friedman and Steven Masada. It argues that Thompson should be detained pending resolution of her case and not be released on bond.
“Thompson is charged with committing one of the largest cyber intrusions and data thefts in history,” the prosecutors said. Even if all of the stolen data is recovered “the impact of Thompson’s crime will be immense.”
Lawyers for Thompson did not immediately respond to an email seeking comment.
Thompson was arrested last month on charges of computer fraud and abuse for the hack of Capital One, one of the largest data thefts to ever hit a financial services firm. A criminal complaint says the software developer stole 100 million credit card applications from Capital One, exposing 140,000 Social Security numbers and 80,000 bank account numbers, as well as credit scores and other personal information.
The bank has said it expects the hack to cost it $100 million to $150 million this year.
Her arrest came just days after credit reporting company Equifax reached a $700 million settlement with U.S. regulators over the high-profile 2017 cyberattack that exposed the data of 147 million people.
Thompson, who authorities say used the name “erratic” in online conversations, made statements on social media tying herself to the hack of Capital One, according to court documents. In one online posting, “erratic” wrote: “I’ve basically strapped myself with a bomb vest, [expletive] dropping capitol ones dox and admitting it,” according to court documents.
Prosecutors are seeking to keep Thompson detained until her trial and cited her “long history of threatening behavior that includes repeated threats to kill others, to kill herself, and to commit suicide by cop.” Thompson may also have mental health issues and has told others she takes psychiatric medications, the motion states.
During a search of Thompson’s home, federal agents also found an “arsenal of weapons, ammunition, and explosive material” in the bedroom of her roommate, who is a felon, according to court documents. Agents seized the firearms, including two bump stocks and two 37 mm “flare launchers.”
“The fact that all of these weapons were recovered in the bedroom adjacent to Thompson, most of them readily accessible to her, is obviously of concern, given Thompson’s recurrent threats to commit violence against herself and other,” the prosecutors’ memorandum said. “Thompson poses both a significant danger to the community and a risk of nonappearance.”
A hearing on whether Thompson should remain detained is scheduled for Aug. 22.