Earlier this week, it was revealed that Capital One suffered a major data breach that affected over 100 million consumers. Now security researchers are saying that other major companies may have been victims as well.
Paige Thompson, the alleged hacker behind the Capital One data breach, was not shy about her nefarious activities. In fact, after exploiting a misconfigured web application firewall to gain access to consumers personal information, Thompson bragged about it online.
Security firm, CyberInt, posted Slack messages, which were allegedly sent by Thompson, who goes by the online handle “Erratic.” In those messages, Thompson shares several files. And based on the filenames, it can be inferred that she may have also stolen information from companies such as Ford, Michigan State University, Apperian, Vodafone, and the Ohio Department of Transportation.
In a statement to TechCrunch, Erica Hawkins, a Spokesperson from Ohio’s Department of Transportation said, “at this point, however, we can confirm that the information in the referenced file contained only publicly available data and no private information was stored there.”
Monique Brentley, Ford’s spokesperson said the company is “investigating the situation to determine if Ford information is involved.”
Vodafone spokesperson, Adam Liversage, said it was “not aware” of its stolen data in the breach.
And, a spokesperson from Michigan State University said it receives “hundreds of threats and attacks on our system” and said it was “hard to know if one recently was the alleged hacker from the Capital One situation.”
Although it doesn’t seem like Thompson sought to profit from the stolen data, it’s highly likely that it may have been obtained by others.