Capital One
Hack of Capital One by erratic.
Explanation of the Hack
The hacker exploited an SSRF vulnerability in ModSecurity to grab AWS instance credentials from the EC2 metadata service and used them to access an S3 bucket containing credit applications.
Even though the hacker used a combination of iPredator VPN and Tor to stay anonymous at the IP layer, she confessed to her activities in a Slack group of a local tech meetup and uploaded exfiltration scripts to a GitHub account connected to her real identity. A member of the Slack group reported her to the FBI.
No data from Capital One was ever leaked anywhere, but she is also alleged to have used the same exploit to deploy crypto miners.
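The credential misuse described above leaves a recognisable trace in CloudTrail: an EC2 instance-role session making API calls from an address that is not the instance's own egress. The following detection sketch is an added example, not part of the original page; the trusted ranges, the `off_instance_use` helper and the sample records are constructed assumptions, while the field names are CloudTrail's.

```python
import ipaddress
import re

# Assumption: the ranges your EC2 instances reach AWS APIs from (VPC CIDRs,
# NAT gateway addresses). These are constructed placeholder ranges.
TRUSTED_EGRESS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "198.51.100.0/24")]

# Instance-profile sessions are named after the instance id: "<role-id>:i-<hex>".
INSTANCE_SESSION = re.compile(r":(i-[0-9a-f]{8,17})$")

def off_instance_use(events):
    """Return findings for EC2 role credentials used from an untrusted source IP."""
    findings = []
    for ev in events:
        ident = ev.get("userIdentity", {})
        m = INSTANCE_SESSION.search(ident.get("principalId", ""))
        if ident.get("type") != "AssumedRole" or not m:
            continue  # not an instance-profile session
        try:
            src = ipaddress.ip_address(ev.get("sourceIPAddress", ""))
        except ValueError:
            continue  # AWS service acting on your behalf, e.g. "ec2.amazonaws.com"
        if any(src in net for net in TRUSTED_EGRESS):
            continue  # call came from the instance's expected egress
        findings.append({"instance": m.group(1), "source_ip": str(src),
                         "action": f'{ev["eventSource"]}:{ev["eventName"]}'})
    return findings

# Constructed CloudTrail-style records. GetObject is an S3 data event and is
# only recorded when data-event logging is enabled on the trail.
ROLE = "AROAEXAMPLEROLEID:i-0123456789abcdef0"
def _ev(principal, ip, source, name):
    return {"userIdentity": {"type": "AssumedRole", "principalId": principal},
            "sourceIPAddress": ip, "eventSource": source, "eventName": name}

SAMPLE = [
    _ev(ROLE, "10.1.2.3", "s3.amazonaws.com", "ListBuckets"),        # on-instance
    _ev(ROLE, "203.0.113.45", "s3.amazonaws.com", "ListBuckets"),    # off-instance
    _ev(ROLE, "203.0.113.45", "s3.amazonaws.com", "GetObject"),      # off-instance
    _ev("AROAEXAMPLEROLEID:alice", "203.0.113.9", "s3.amazonaws.com", "ListBuckets"),
    _ev(ROLE, "ec2.amazonaws.com", "sts.amazonaws.com", "AssumeRole"),
]

if __name__ == "__main__":
    for finding in off_instance_use(SAMPLE):
        print(finding)
```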
https://www.courtlistener.com/docket/15983291/united-states-v-thompson/