Feeds

Acxiom database hacker jailed for 8 years

Florida spammer off to slammer

The Power of One eBook: Top reasons to choose HP BladeSystem

A Florida man has been jailed for eight years after being convicted of stealing vast amounts of personal information from Acxiom, one of the world's largest database companies, in order to inflate the value of his spamming firm.

Scott Levine, 46, of Boca Raton, Florida, was found guilty by an Arkansas jury in August of 120 counts of unauthorised access of a protected computer, two counts of access device fraud, and one count of obstruction of justice, the Justice Department announced. The former head of defunct bulk mail outfit Snipermail.com was cleared of 14 conspiracy charges and money laundering at the end of a trial that lasted almost a month.

Prosecutors described the case as the "largest ever invasion and theft of personal data" ever tried. In court, Levine and Snipermail.com were accused of stealing 1.6bn customer records containing details of the names, addresses and emails of millions of Americans from Acxiom databases during a total of 137 hack attacks between January and July 2003. He was not accused of involvement in identity theft but some of the data was resold to a broker for use in a spamming campaign.

Weak access controls allowed Snipermail.com to illegally access reams of data thanks to a business relationship between Acxiom and one of Snipermail's clients. Snipermail.com should have only been given strictly limited access to Acxiom's databases, but instead was allowed the run of the lan(d). In a DoJ statement, prosecutors said Levine used "sophisticated decryption software to illegally obtain passwords and exceed his authorised access to Acxiom databases". The purloined data was used to inflate Snipermail's contact list and make it a more attractive target for acquisition.

Evidence of Snipermail's alleged assault was discovered by investigators probing a separate security breach at Acxiom. Daniel Baas, 25, of ZCincinnati, Ohio, pleaded guilty to that attack in December 2003. He was jailed for 45 months in March 2005.

"The investigation of cybercrime, particularly as it relates to computer intrusion, is one of the FBI's top priorities," FBI special agent William C Temple said. "Working with our counterparts from the US Secret Service, we were able to quickly recover the stolen data and prevent its use in a wide range of fraud schemes. The success of this investigation should send a strong message to those who might consider becoming involved in similar criminal activity."

Acxiom clients include 14 of the 15 biggest credit card companies, seven of the top ten auto manufacturers and five of the top six retail banks. The company also analyses consumer databases for multinationals such as Microsoft, IBM, AT&T and General Electric.

Arkansas-based Acxiom has overhauled security since the attacks were uncovered. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.