Three Persons Charged for Biggest Security Breach in US History
Infosecurity-magazine.com reported on 9th March, 2015 stating that three men have been prosecuted by the U.S. Department of Justice in connection with one of the largest data breaches in the history of the US according to prosecutors after they hacked numerous email servers.
Viet Quoc Nguyen, 28, is accused of hacking a minimum of eight email service providers between the periods of February 2009-June 2012. The Email Service Provider companies normally offer genuine electronic mail marketing or mass emailing services to their clients. Clients engage ESPs to assist in mass emailing to patrons or potential customers who have decided to receive such emails.
The government charges that two Vietnamese citizens Nguyen and Giang Hoang Vu, 25, used embezzled email addresses to attack several million people in a spamming campaign. The unsolicited emails directed recipients to websites which were selling software with a fake brand of Adobe Systems Inc’s software.
Both men were residents of the Netherlands. Vu was extradited to United States in March 2014 and pleaded guilty on Thursday, 5th March, 2015 to the conspiracy of committing computer fraud and Nguyen remains missing.
33 year old David-Manuel Santos Da Silva from Montreal, Canada was also charged by a federal grand jury on 4th March, 2015 for conspiring to commit money laundering to help Vu and Nguyen collect revenue from the “spam” campaigns and launder the proceeds. However, he was arrested last month at Fort Lauderdale International airport, Florida (US).
Justice.gov published news on 6th March, 2015 quoting John A. Horn, acting U.S. Attorney of the Northern District of Georgia, as saying: “This case shows the latest problems posed by today’s cases of cybercrime wherein hackers did not target just one company as they intruded most of the country’s email distribution firms. The scope of the intrusion is alarming because hackers not only stole the proprietary data of companies but they also hijacked distribution platforms of companies to send bulk emails and acquired the profits generated from email traffic directed to specific websites.”
The court did not disclose the name of email companies which were victimized but it seemed that the breaches included a massive attack on Epsilon, an email marketing firm, in 2011.