Cisco whistleblower gets first False Claims payout over cybersecurity

Cisco Systems Inc has agreed to settle a whistleblower’s claim that it improperly sold video surveillance software with known vulnerabilities to U.S. federal and state governments, marking the first payout on a False Claims Act case brought over failure to meet cybersecurity standards.

The settlement and underlying claim were unsealed on Wednesday, eight years after the initial legal complaint. Cisco paid $8.6 million to resolve the case, with most of that going to the federal government and 15 state buyers and more than $1 million going to the whistleblower, James Glenn.

Many more whistleblower claims could ensue, experts said. The settlement “clearly provides an opportunity for entrepreneurial plaintiffs or potential plaintiffs to go around looking for more examples like this,” said Georgetown University law professor Gregory Klass. read more »

Alleged Capital One Hacker Barely Bothered to Hide

Paige Thompson's online behavior suggested that she may have been preparing to get caught

The 33-year-old former Amazon software engineer accused of hacking Capital One made little attempt to hide her attack. In fact, she effectively publicized it.

It's one of many riddles swirling around Paige Thompson, who goes by the online handle "erratic." Well-known in Seattle's hacker community, Thompson has lived a life of tumult, with frequent job changes, reported estrangement from family and self-described emotional problems and drug use.

FBI agents arrested Thompson Monday for allegedly obtaining personal information from more than 100 million Capital One credit applications, including roughly 140,000 Social Security numbers and 80,000 bank account numbers. There is no evidence the data was sold or distributed to others. read more »

Capital One hacker may have hit other targets

The FBI is investigating whether Paige Thompson, the alleged hacker in the breach of Capital One Financial Corp., successfully hit other targets, according to The Wall Street Journal.

Thompson, a former systems engineer for Amazon Web Services, the cloud-computing division of Amazon.com Inc., also took aim at Michigan State University, Italian bank UniCredit SpA and automaker Ford Motor Co., according to the report.

The three entities were referenced in online postings Thompson made, according to the report, and all three were investigating the possibility of a breach. Michigan State, an AWS client, said it is working with the FBI to determine if files were accessed. read more »