DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Ninth Circuit Reverses Probation Sentence for Paige Thompson

Posted on March 21, 2025 by Dissent

Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year.  Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes:

A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge Danielle J. Forrest, joined by Judge Johnnie B. Rawlinson:

Paige Thompson committed the second largest data breach in United States history at the time, causing tens of millions of dollars in damage and emotional and reputational harm to numerous individuals and entities. The district court correctly calculated Thompson’s sentencing range under the Federal Sentencing Guidelines (the Guidelines) to be 168 to 210 months of imprisonment. It then granted a roughly 98% downward variance to time served (approximately 100 days) and five years of probation. Because the district court made clearly erroneous findings and did not properly weigh the 18 U.S.C. § 3553(a) sentencing factors, we conclude that the sentence it imposed is substantively unreasonable, and we vacate and remand for resentencing….

As in Fitzpatrick’s case, the judge had made a significant departure from federal sentencing guidelines in sentencing Thompson, which the appellate court found to be unreasonable. As Volokh writes:

The district court considered that Thompson is transgender, autistic, and has suffered prior trauma in her life. Thompson’s personal background and characteristics are, of course, proper considerations at sentencing, but they may not be the sole basis for the chosen sentence. And the district court also speculated that recent BOP policy changes about housing transgender inmates may be undone by a future presidential administration. Such speculation regarding BOP policy is improper, especially when it apparently carried the weight it did in this sentencing. {The BOP has since changed its policies regarding the incarceration of transgender persons. See Exec. Order No. 14,168 (Jan. 30, 2025). The district court may consider this non-hypothetical policy on remand, but, consistent with this opinion, it may not do so at the expense of a proper weighing of all the § 3553(a) factors.} …

As the district court explained, hacking is “not … a crime of passion that [just] happens.” Fraud crimes like those at issue here typically are calculated, and, as a result, are particularly amenable to general deterrence. But, while the district court acknowledged the Government’s argument that a low sentence would incentivize similar crimes, it does not appear that it gave this factor meaningful weight in selecting the sentence that it imposed. This was a clear error of judgment….

Read more at Reason.

h/t, Risky Biz News

Category: Financial SectorHack

Post navigation

← Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft
Hacktivists claim cyber-sabotage of 116 Iranian ships →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.