Ex-Amazon Worker Convicted in Capital One Hacking

A former Amazon engineer who was accused of stealing clients’ private info from Capital One in one of many largest breaches in the US was discovered responsible of wire fraud and hacking prices on Friday.

A Seattle jury discovered that Paige Thompson, 36, had violated an anti-hacking regulation often known as the Laptop Fraud and Abuse Act, which forbids entry to a pc with out authorization. The jury discovered her not responsible of id theft and entry gadget fraud.

Ms. Thompson had labored as a software program engineer and ran an internet neighborhood for different staff in her business. In 2019, she downloaded private info belonging to greater than 100 million Capital One clients. Her authorized staff argued that she had used the identical instruments and strategies as moral hackers who hunt for software program vulnerabilities and report them to corporations to allow them to be fastened.

However the Justice Division mentioned that Ms. Thompson had by no means deliberate to alert Capital One to the issues that gave her entry to clients’ information, and that she had bragged to her on-line mates concerning the vulnerabilities she uncovered and the knowledge she downloaded. Ms. Thompson additionally used her entry to Capital One’s servers to mine cryptocurrency, the Justice Division mentioned.

“She wished information, she wished cash, and he or she wished to brag,” Andrew Friedman, an assistant U.S. legal professional, mentioned in closing arguments.

Ms. Thompson’s case attracted consideration from the tech business due to the fees below the Laptop Fraud and Abuse Act. Critics of the regulation have argued that it’s too broad and permits for the prosecution of so-called white hat hackers. Final month, the Justice Division advised prosecutors that they need to now not use the regulation to pursue hackers who engaged in “good-faith safety analysis.”

The jury deliberated for 10 hours earlier than discovering Ms. Thompson responsible of 5 counts of gaining unauthorized entry to a protected pc and damaging a protected pc, along with the wire fraud prices. She is scheduled to be sentenced on Sept. 15.

A lawyer for Ms. Thompson declined to touch upon the decision.

Capital One found the breach in July 2019 after a lady who had spoken with Ms. Thompson concerning the information reported the issue to Capital One. Capital One handed the knowledge to the Federal Bureau of Investigation, and Ms. Thompson was arrested quickly after.

Regulators mentioned Capital One lacked the safety measures it wanted to guard clients’ info. In 2020, the financial institution agreed to pay $80 million to settle these claims. In December, it additionally agreed to pay $190 million to folks whose information had been uncovered within the breach.

“Ms. Thompson used her hacking abilities to steal the non-public info of greater than 100 million folks, and hijacked pc servers to mine cryptocurrency,” mentioned Nicholas W. Brown, the U.S. legal professional for the Western District of Washington, in a press release. “Removed from being an moral hacker making an attempt to assist corporations with their pc safety, she exploited errors to steal invaluable information and sought to counterpoint herself.”

Massachusetts Court Throws Out Gig Worker Ballot Measure

A Massachusetts court docket dominated on Tuesday {that a} proposed poll measure regarding the job standing of gig drivers violated state regulation and was not eligible to be put to voters this fall.

The measure, which was backed by corporations like Uber and Lyft, would have categorized gig drivers as unbiased contractors quite than workers, a longtime aim of the businesses. The ruling successfully ended a $17.8 million marketing campaign by the gig corporations to assist the initiative.

The poll measure contained two “substantively distinct coverage choices, certainly one of which is buried in obscure language” violating the state structure, which requires all components of a poll measure to be associated, the Massachusetts Supreme Judicial Court docket wrote in its ruling.

The court docket took difficulty with a provision of the measure that stated drivers had been “not an worker or agent” of a gig firm, as a result of it seemed to be an try and defend Uber and Lyft from legal responsibility within the case of an accident or a criminal offense. That provision was unrelated to the remainder of the proposal, which was about the advantages drivers would or wouldn’t obtain as unbiased contractors, in keeping with the seven-judge panel. The measure would have given drivers some restricted advantages however absolved the businesses of the necessity to pay them for full well being care advantages, day off or different worker advantages.

“Petitions that bury separate coverage choices in obscure language heighten issues that voters can be confused, misled and disadvantaged of a significant alternative,” the court docket wrote.

For years, gig corporations and labor rights teams have argued over classify drivers: Ought to they be workers, with full labor protections and advantages? Or ought to they be unbiased contractors, chargeable for their very own bills and, as corporations have contended, afforded larger freedom and adaptability to work the hours they need?

Because it has appeared unlikely that the federal authorities will settle the query, Uber and Lyft have launched into a state-by-state march to lock of their drivers’ labor statuses.

The marketing campaign on the a part of gig corporations to lock of their drivers’ labor standing in Massachusetts was just like an effort in California two years in the past. In 2020, the businesses efficiently persuaded California voters to cross Proposition 22, a poll measure that enshrined drivers’ unbiased contractor standing; it was later overturned by a decide. The next yr they tried to strike a labor cut price in New York, and this yr they solid the same settlement with legislators in Washington state, stopping drivers from being categorized as workers.

However the corporations’ defeat in Massachusetts, a staunchly pro-labor and pro-union state, reveals the bounds of the technique, stated Terri Gerstein, a employees rights lawyer at Harvard Legislation Faculty’s Labor and Worklife Program.

“Policymakers ought to take note of the truth that gig corporations’ march towards a future with degraded employee protections is just not inevitable,” Ms. Gerstein stated.

Opponents of the Massachusetts poll measure welcomed the court docket’s ruling.

“Tens of millions of Massachusetts drivers, passengers and taxpayers can relaxation simpler figuring out that this unconstitutional bid by Massive Tech C.E.O.s to control Massachusetts regulation has been struck down by the Supreme Judicial Court docket,” Wes McEnany, who leads Massachusetts Is Not for Sale, wrote in an electronic mail. “The poll query was written not solely as an try to scale back the rights of drivers, but additionally would have put the rights of passengers and the general public in danger.”

Uber and Lyft declined to remark, however the group driving the measure expressed disappointment and argued that it will have had extensive assist within the fall.

“A transparent majority of Massachusetts voters and rideshare and supply drivers each supported and would have handed this poll query into regulation,” Conor Yunits, who’s main the Massachusetts Coalition for Unbiased Work, stated in a press release.

The group hoped the state’s legislature would nonetheless take motion on drivers’ job statuses earlier than the tip of the summer season. “We hope the legislature will stand with the 80 % of drivers who need flexibility and to stay unbiased contractors whereas gaining access to new advantages,” Mr. Yunits wrote.

A survey of about 400 Massachusetts drivers this yr, paid for by the gig corporations, discovered that 81 % backed the poll measure. However critics have argued that drivers had been being offered with a false alternative between flexibility and advantages, when being categorized as workers may give them each.

“The businesses have already spent thousands and thousands attempting to idiot drivers and voters into accepting this deceitful proposal,” Steve Tolman, the president of the Massachusetts A.F.L.-C.I.O., stated in a press release.

The labor battle in Massachusetts started in 2020, when the state’s lawyer normal, Maura Healey, sued Uber and Lyft, arguing that they had been misclassifying their employees by treating them as unbiased contractors quite than workers. That lawsuit is pending in court docket.

Uber, Lyft, DoorDash and Instacart responded with the poll measure, which stood a good likelihood of passing had it made it to voters, if the California initiative was any indication.

However their plans started to unravel when a bunch of labor activists filed a grievance in January, arguing that the poll measure shouldn’t be allowed to proceed due to the clause associated to gig corporations’ legal responsibility.

On Tuesday, the Massachusetts justices’ ruling made it clear that Uber and Lyft, by attempting to cross an bold and sweeping regulation, had overreached.

“Gig corporations wrote an excessively lengthy poll initiative designed to confuse individuals, in an effort to keep away from duty for every little thing — from employer obligations to taking good care of passengers when accidents occur,” Ms. Gerstein stated.