Posted on 07/21/2004 4:17:29 PM PDT by HAL9000
Federal prosecutors on Wednesday announced a 144-count indictment against a Florida businessman for allegedly hacking personal information on millions of Americans from Acxiom Corp. databases over a 17-month period.Prosecutors claimed that Scott Levine, 45, of Boca Raton, Fla.-based Snipermail.com Inc., accessed Acxiom databases between April 2002 and August 2003. Information accessed included names, addresses, e-mail addresses, customer demographics, and probably some birth dates and social security numbers.
It may be the biggest cyber-crime ever prosecuted and investigated, said assistant U.S. Attorney Sandra Cherry during a news conference at the U.S. Attorneys Little Rock office.
It alleges 139 instances of illegal access to 8.2 gigabytes of data that were downloaded from Acxioms servers, causing Acxiom losses of at least $7 million.
There is no evidence at this point that credit card information had been obtained or that the information had been used in identity or consumer fraud, Cherry said.
Levine was charged with conspiracy, unauthorized access of a protected computer, access device fraud, money laundering and obstruction of justice, according to the indictment.
Since the day we alerted them to the possibility of an intrusion into one of our servers, the diligence and professionalism of these members of law enforcement have been exemplary, said Acxiom in a written statement issued Wednesday. Acxiom takes the security of our systems very seriously, and we believe that those who unlawfully intrude on our systems should be dealt with by the criminal justice system.
We are committed to safeguarding our systems and the data that we store and manage on behalf of our clients. Since evidence of this crime was uncovered and halted in the summer of 2003, Acxiom has made a strong security system even stronger.
The company allegedly bundled the data with data of its own and sold it, according to the indictment. In June 2003 Snipermail allegedly sold data for $19,479 to broker Direct Partner Solutions of Alpharetta, Ga., which then provided the data to a company called ID Media for a postal campaign for a brand-name pharmaceutical.
Snipermail employees have cut deals and aided federal investigators, prosecutors said.
Also named in the indictment are Levines brother-in-law Magdiel Castro, longtime business associate Jeffrey Richman who operates Florida corporation RichMedia Inc., systems administrator Jeffrey Burstein, Melvin Donald Atkinson a computer analyst, Marcos Cavalcante a graphic designer, and William F. Clinton, a computer specialist.
The intrusions were detected during an internal Acxiom investigation of its databases, following revelations its consumer database server had been hacked by Daniel Baas of Ohio, prosecutors said. Baas, however, had no connection to Snipermail or Levine, prosecutors said.
(Fortune magazine has also reported that the investigation of Baas also turned up a three-month penetration of Acxiom's server by unrelated hackers operating in Boca Raton, Fla.)
Acxiom officials immediately notified the FBI and the U.S. Attorneys office of the intrusion. The investigation revealed Snipermail employees accessed Acxioms FTP server at its Conway facility in April 2002 and Spring 2003 and regularly downloaded large data files through July 2003, according to the indictment.
The indictment claims the conspiracy can be traced back to November 2001.
The FTP server sends and receives files via the Internet. Acxiom and its client both place and receive information via the FTP server. The indictment claimed the conspirators decrypted Acxiom password files to access more data than they were supposed to have access to.
Snipermail had legitimate access to a portion of Acxioms database as a client, prosecutors said. Prosecutors declined how Snipermail allegedly found its way past Acxiom security measures to access other portions of the database.
The indictment said a file containing user names and encrypted passwords was downloaded beginning in May 2003.
Snipermails business involves providing lists to clients for direct e-mail marketing and distribution of online advertising. Levine induced new conspirators with offers of ownership in Snipermail, higher wages and continued employment, according to the indictment. It also allegedly promised some with assistance on visa and immigration issues.
Close - but no cigar.
To the InfoSec ping list:
I don't know where they get this is the idea that this is the "biggest" cyber crime ever prosecuted.
What metric is this based on? Not $, 7 million is small 'taters. Also, the article doesn't mention what the $7 million figure represents exactly.
Still, pretty interesting.
It is arkansas... you never know.
RichMedia... Marc Rich? ;)
Wasn't Wesley Clark on their payroll? Seems to me he was an Axciom lobbyist.
bump
This seems like yet another oxymoron.
(I know, legally protected, but it doesn't seem very protected if you can access it in an unauthorized way.)
Running Windows? Something tells me you haven't run a deep scan of your own computer before. If not, invest in a couple of rolls of Reyonlds Wrap before you do. It won't help your computer but it might keep the spyware from leaping into your head ...
Me? It cause me to switch operating systems for my home systems.
Yes, it is interesting, and yep, the headline does seem a bit overblown.
Thats happening a lot in the media these days....(grin)
Thanks for the ping.
The suspect was arraigned a few days ago and entered a not guilty plea.
bttt
who is this Scott Levine, 45, of Boca Raton?! eh
bump for truth
.
bump
Boca Raton, isn't that where George's (Seinfeld) parents retired?
Please add me to this ping list, thank you.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.