Alleged Capital One hacker may have taken data from dozens of companies, feds say

In a court filing, the government says Paige Thompson told police that she neither sold or shared the data from the Capital One breach.
Paige Thompson, capital one breach
It’s a significant ruling which effectively affords the attorneys suing Capital One with a breakdown of which bank behaviors were successful, and which failed. (Getty)

The person allegedly behind the recent Capital One hack may have siphoned data from more than 30 other companies, according to federal court filings made public Wednesday.

In a motion for detention filed in the Western District of Washington state, the U.S. government said investigators found that Paige Thompson took data from multiple companies, and not just Virginia-based bank. The revelation was part of the evidence used to argue that Thompson must be detained before trial, or else pose a danger to the community and a risk of skipping out on further court dates.

Thompson, who is currently in federal custody in Washington state, has been charged with stealing data on 106 million Capital One customers after taking advantage of a misconfigured firewall in the bank’s cloud computing system. According to the latest filing, the government has allegedly found terabytes of additional data Thompson took from more than 30 “companies, educational institutions, and other entities.”

The filing does not name any additional victims, but TechCrunch has reported that Vodafone, Ford, Michigan State University and the Ohio Department of Transportation may have also been among Thompson’s targets. The government said it is still investigating, and will tack on additional charges as victims are notified.


The government also said that Thompson has told law enforcement that she has “neither sold, nor otherwise shared or disseminated any of the data” that she stole from Capital One or any other potential victim. Additionally, Thompson told the government that the data recovered during her arrest is the only copy that was created.

‘Significant history of mental health problems’

Another reason the government is asking for Thompson’s detention is due to “a long history of threatening behavior that includes repeated threats to kill others, to kill herself, and to commit suicide by cop.” The latter is a reference to an incident at Thompson’s house in March 2019 where she threatened her roommates to retrieve a fake gun, call police to the residence and hope police would shoot her after mistaking the fake gun for a real one.

The motion also gives details about other alleged altercations Thompson was involved in, including one where she called an acquaintance at a tech company in California and threatened to travel there and “shoot up” the office.

Officials also detailed a large amount of weapons discovered at Thompson’s residence, mostly belonging to her roommate. Law enforcement confiscated 14 firearms, including assault rifles, a sniper rifle and handguns, along with two bump stocks, two flare launchers and multiple high-capacity magazines.


“The fact that all of these weapons were recovered in the bedroom adjacent to Thompson, most of them readily accessible to her, is obviously of concern, given Thompson’s recurrent threats to commit violence against herself and others,” the motion reads.

Thompson’s detention hearing is set for Aug. 23.

You can read the full motion below.

[documentcloud url=”” responsive=true]

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts