Hacking suspect Paige Thompson's story: 100 million people and a cat named Millie

Federal prosecutors say the data breach included 140,000 Social Security numbers and 80,000 bank account numbers. Photo / AP

Before she was arrested and accused of illegally obtaining the personal data of over 100 million people from Capital One, Paige Thompson, 33, had a public Twitter persona typical of a software engineer in Seattle.

She commented often on programming chatter, fretted about her dating life and mourned the euthanasia of her cat, Millie. Millie's death, she wrote, was "one of the most painful and emotionally overwhelming experiences I've had in my life."

But Thompson also spoke darkly about her mental health, writing July 5 that she intended to check herself into a facility for treatment.

"I have a whole list of things that will ensure my involuntary confinement from the world," she wrote. "The kind that they can't ignore or brush off onto the crisis clinic. I'm never coming back."

The tweets, initially seen by a small number of followers, offered a public but limited glimpse into Thompson's mindset at the time authorities arrived at her door Monday and seized her digital devices. Federal prosecutors say the data breach included 140,000 Social Security numbers and 80,000 bank account numbers, culled from tens of millions of credit card applications.

Her propensity for oversharing online created a trail of digital breadcrumbs that the FBI used to track her down. At times, Thompson boasted about the sensitive data she was accused of taking.

The data was posted on GitHub, a website for sharing and collaborating on software code, that was linked to her full name, email address and other pages belonging to her, according to court documents.

She ran a group on Meetup, a site geared toward organizing real-life gatherings, called Seattle Warez Kiddies, a small collective of programmers and hackers. Using the online alias "erratic," she invited members to a channel on Slack, a messaging application, in which she shared a list of files she claimed to possess, some of which, authorities say, contained the Capital One data.

And a tipster provided the government with private messages on Twitter in which Thompson said she had "basically strapped myself with a bomb vest," while mentioning Capital One, indicating she intended to distribute the data and knew the consequences.

Since dropping out of Bellevue Community College in Washington state in 2006, Thompson has had a series of software engineering jobs, including at Amazon Web Services in 2015 and 2016, according to her résumé. She listed herself as the current owner of Netcrave Communications, a hosting company.

Thompson will remain in federal custody until a hearing Thursday, prosecutors said.

Written by: Daniel Victor

© 2019 THE NEW YORK TIMES