In what can only be described as a massive theft of personal information, Scott Levine, owner of the now defunct bulk-email marketing company, Snipermail.com, has been convicted of stealing some 1.6 billion personal records from Acxiom Corp, a data seller.
A federal jury in Little Rock, Arkansas convicted Levine of 120 counts of unauthorized access to a protected computer, two counts of access-device fraud for cracking passwords, and one count of obstruction of justice for the attempted removal and destruction of computer hard drives.
He was found not guilty on 15 counts, including 13 counts of unauthorized access and one each of conspiracy and money laundering. His sentencing is scheduled for January 9, 2006.
Levine’s data theft ranks as one of the largest ever disclosed in the United States. The 1.6 billion stolen records included names, addresses, telephone numbers, and other information. It was alleged that Levine gained access to the data by downloading a file containing the encrypted passwords of about 300 Acxiom business customers.
Acxiom said the verdict “sends a clear message that cybercrime will not be tolerated.” The company has now taken steps to enhance security including strengthening its encryption systems, audit practices, and ability to detect intruders. So far, the company reports only one incident of access to an external server.
In another case of data theft, Olatunji Oluwatosin, a Nigerian who pleaded no contest earlier in the year for his participation in an identity-theft ring that targeted ChoicePoint Inc. and who is currently serving a 16-month prison sentence, is now facing six additional charges.
On August 8, Oluwatosin pleaded not guilty to further counts of identity theft, conspiracy and grand theft. The charges, filed by the Los Angeles County District Attorney, accuse Oluwatosin of using the stolen data to obtain some $2.5 million worth of cash and property.