
This is a bold play, given their security track record.



Open S3 Buckets as a service


The hacker, Paige A. Thompson a/k/a erratic, was a former AWS engineer who abused her access to download the CapitalOne data along with 30 other companies' data. Insider attacks are so deadly.

On top of her having insider access, she is mentally ill (hence her fitting online moniker) so that doesn't help any. She was long known about in the hacking scene before the hack. Very aggressive and rude online behavior.

She got convicted recently and her sentencing is in September, looking at 20 years. I think she'll get that. Hopefully she doesn't follow through on her previous statements of wanting to attempt suicide or fleeing the country.


> a former AWS engineer who abused her access

Nowhere in the criminal complaint[1] does it say this happened. Instead it says that Paige wrote a script that scanned web application firewalls (WAFs) for a specific vulnerability. Anyone could have done this. The problem was only possible because after abusing the vulnerability Paige discovered that the IAM Role used by the WAF was granted permissions it shouldn't have.

1. https://www.justice.gov/usao-wdwa/press-release/file/1188626...
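The over-permissioned role described in the comment above is something a policy review can catch. As an added example (not part of the thread or the complaint), this Python check flags Allow statements that grant S3 read actions to a role assumed to need only logging; the sample policy, the action lists and the function names are constructed for illustration.

```python
import fnmatch
import json

# Constructed sample policy for a hypothetical WAF instance role (not from the complaint).
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "Logging", "Effect": "Allow",
     "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
     "Resource": "arn:aws:logs:*:*:*"},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}
  ]
}
""")

# Assumption: what this role legitimately needs, and which data-read actions to probe for.
ALLOWED_ACTIONS = {"logs:CreateLogStream", "logs:PutLogEvents"}
PROBE_ACTIONS = ["s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetObject"]


def _as_list(value):
    """IAM allows a single string/object where a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def excess_grants(policy, allowed_actions, probe_actions):
    """Return sorted (sid, action, resource) tuples for Allow statements that
    grant a probed action the role is not supposed to have.
    Deny statements, NotAction and Condition blocks are not evaluated."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement-{index}")
        patterns = [p.lower() for p in _as_list(stmt.get("Action"))]
        for action in probe_actions:
            if action in allowed_actions:
                continue
            # IAM action names are case-insensitive and support * and ? wildcards.
            if any(fnmatch.fnmatchcase(action.lower(), p) for p in patterns):
                findings.extend((sid, action, r) for r in _as_list(stmt.get("Resource")))
    return sorted(findings)


if __name__ == "__main__":
    for sid, action, resource in excess_grants(SAMPLE_POLICY, ALLOWED_ACTIONS, PROBE_ACTIONS):
        print(f"{sid}: {action} allowed on {resource}")
```
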


You have no idea what you're talking about. There was no "insider attack"; she had scripts, the equivalent of a web scraper/sniffer.


I know what I'm talking about as I used to unfortunately hang out in the same IRC servers that she did (l0de radio).

Her working at AWS (where she was fired from) let her know exactly how and what to target in order to steal the data she was able to find and obtain. She had prior knowledge on what companies to snoop. I'd say that's using insider info to your benefit. Yes, there are also common scripts that bug bounty H1 and Bugcrowd users use to pwn S3 buckets.

She also was into cryptomining on hacked servers.

> Ms. Thompson also used her access to Capital One’s servers to mine cryptocurrency



