Tag Archive for: seattle

Omni Hotels confirms customers’ personal data stolen in ransomware attack – KIRO 7 News Seattle

/in


DALLAS — Officials with Omni Hotels & Resorts confirmed that cybercriminals stole the personal information of its customers during what appeared to be a ransomware attack last month.

>> Read more trending news

According to a post on its website on Sunday, the hotel giant said that “limited information pertaining to a subset of our customers may have been impacted.”

Omni said the stolen data includes customer names, email addresses, postal addresses and guest loyalty program information. The breach does not include information pertaining to financial information or Social Security numbers.

Omni said it shut down its systems on March 29 after discovering intruders in its systems, TechCrunch reported. Guests reported outages across Omni’s properties, with some customers experiencing issues with telephone and wi-fi issues, according to the technology news website.

Some customers said their room keys stopped working.

Omni officials said the chain’s systems were restored by April 8, TechCrunch reported.

“Omni Hotels & Resorts continues to investigate a recent cyberattack on its systems with the assistance of a leading cybersecurity response group,” the company wrote in an update on its website.

The FBI reported that more than 2,825 ransomware complaints were reported during 2023, an increase of 18% over 2022. Losses reported rose by 74%, from $34.3 million to $59.6 million, according to the agency.

Omni Hotels & Resorts is based in Dallas, and the chain operates 50 hotels and resorts in the United States and Canada, according to The Dallas Morning News.

© 2024 Cox Media Group

Source…

Former Amazon employee convicted of stealing data from more than 100M people – KIRO 7 News Seattle

/in


SEATTLE — A former Amazon Web Services engineer was found guilty Friday of stealing data from more than 100 million people when she hacked Capital One three years ago.

Paige Thompson, who worked for the software giant until 2016, was convicted Friday of seven federal crimes, including wire fraud, illegally accessing a protected computer and damaging a protected computer, CNBC reported.

>> Read more trending news

While the wire fraud conviction carries up to 20 years in prison, the two lessor charges are each punishable by as many as five years in prison.

According to a news release issued by the U.S. Attorney’s Office’s western district of Washington, the jury found Thompson not guilty of aggravated identity theft and access device fraud. The panel deliberated for 10 hours.

Prosecutors argued at trial that Thompson created a tool to search for misconfigured AWS accounts, allowing her to hack into accounts from more than 30 Amazon clients, including Capital One. In addition to mining the data she found in the compromised accounts, Thompson was also accused of using her access to some of the retail behemoth’s servers to mine cryptocurrency for her personal benefit, CNBC reported.

“She wanted data, she wanted money, and she wanted to brag,” Assistant U.S. Attorney Andrew Friedman said of Thompson during his closing arguments, the network reported.

According to The Verge, Thompson’s breach, one of the largest on record, exposed the names, birth dates, social security numbers, email addresses and phone numbers of more than 100 million U.S. and Canadian residents.

Capital One has since been fined $80 million in regulatory fines for allegedly failing to secure users’ data and settled with affected customers for $190 million, the technology news outlet reported.

“Far from being an ethical hacker trying to help companies with their computer security, (Thompson) exploited mistakes to steal valuable data and sought to enrich herself,” U.S. Attorney Nick Brown stated in the news release confirming her conviction.

Thompson is slated to be sentenced Sept. 15.

©2022 Cox Media Group

Source…

Jury convicts Seattle woman in massive Capital One hack

/in


SEATTLE (AP) — A federal jury on Friday convicted a former Seattle tech worker of several charges related to a massive hack of Capital One bank and other companies in 2019.

Paige Thompson, 36, a former Amazon software engineer who used the online handle “erratic,” obtained the personal information of more than 100 million people — a data breach that prompted Capital One to reach a tentative $190 million settlement with affected customers. The Treasury Department also fined the company $80 million for failing to protect the data.

Following a seven-day trial, the Seattle jury found her guilty of wire fraud, unauthorized access to a protected computer and damaging a protected computer. The jury acquitted her of other charges, including access device fraud and aggravated identity theft.

Thompson’s attorneys argued that she struggled with mental health issues, never intended to profit from the data she obtained, and said in court papers “there is no credible or direct evidence that a single person’s identity was misused.”


Federal prosecutors said she didn’t just steal the data, but also planted software on servers she unlawfully accessed to steal computing power to mine cryptocurrency.

“Far from being an ethical hacker trying to help companies with their computer security, she exploited mistakes to steal valuable data and sought to enrich herself,” Seattle U.S. Attorney Nick Brown said in a news release.

Wire fraud is punishable by up to 20 years in prison, while the other charges can bring a five-year maximum. U.S. District Judge Robert Lasnik is scheduled to sentence Thompson in September.

In interviews with The Associated Press following her arrest, friends and associates described Thompson as a skilled programmer and software architect whose career and behavior — oversharing in chat groups, frequent profanity, expressions of gender-identity distress and emotional ups and downs — mirrored her online handle.

At one point, two former roommates obtained a protection order against her, saying she had been…

Source…