Happy Nice Mall

Just as Amazon stores millions of physical products in a dizzying array of warehouses, Amazon Web Services holds vast amounts of data for other companies that rent space on their servers. Among his clients was Capital One.

In early 2019, several years after she stopped working for Amazon Web Services, Ms. Thompson called her clients who had not properly set up firewalls to protect their data. “Thompson has scanned tens of millions of AWS customers looking for vulnerabilities,” Mr Brown wrote in a legal filing. The prosecutor added that until March, he discovered a vulnerability that allowed him to download data from Capital One.

In June 2019, Ms. Thompson sent messages online to a woman and announced what she had found, legal filings said. Ms Thompson added that she was considering sharing the data with a scammer and said she would make it public that she was involved in the breach.

“I basically strapped myself in a bomb vest,” Ms Thompson said in copies of the online chat found in the court records, referring to her plan to make the data public and self-disclosure.

Prosecutors said the woman suggested that Ms. Thompson surrender to the authorities. A month later, the woman contacted Capital One and told the bank about the breach. Capital One notified law enforcement and Ms Thompson was arrested in late July 2019. If she is found guilty, she could face more than 30 years in prison.

“The snapshots offered by the government are an incomplete and inaccurate portrayal of a life that is more fairly defined as survival and resilience,” Mohammad Ali Hamoudi, the attorney representing Ms Thompson, and other members of the legal team said in a filing. They added that Ms. Thompson sought mental health treatment and showed determination to face her problems.

Capital One agreed to pay in 2020 80 million dollars resolve allegations from federal bank regulators that it lacks the security protocols needed to protect customers’ data. The deal also required the bank to work quickly to improve its security. In December, Capital One agreed to pay 190 million dollars filed a class action lawsuit against those whose data was exposed in the breach.