RealTime IT News

E-Mail Operator Indicted for Record Data Theft

A Florida operator of an Internet advertising and e-mail business was indicted on 144 federal counts Wednesday in what the Department of Justice (DOJ) characterized as likely the largest case to date of stolen personal data.

Scott Levine, a 45-year-old resident of Boca Raton, allegedly stole approximately 8.2 gigabytes of information from Acxiom Corp., one of the world's largest companies managing personal, financial and corporate data. According to the DOJ, there is no evidence the data was used in any fraudulent schemes.

The charges stem from alleged illegal intrusions by Levine and employees of his Snipermail.com firm into a computer database owned and operated by the Arkansas-based Acxiom.

The indictment charges Levine with conspiracy, unauthorized access of a protected computer, access device fraud, money laundering and obstruction of justice.

"The protection of personal information stored on our nation's computer systems is critical to public trust in those networks and to the health of our economy," Assistant Attorney General Christopher Wray said in a statement. "We will aggressively pursue those who steal private information from computer networks and make it clear that there are serious consequences for such crimes."

Acxiom integrates data, services and technology for a number of high-profile clients, including major credit card companies. The company has headquarters in Little Rock and has offices throughout the United States, Europe, Australia and Japan.

In July 2003, investigators with the Sheriff's office in Hamilton County, Ohio, discovered during the course of an unrelated investigation that an Ohio resident named Daniel Baas had illegally entered into an Acxiom server and had downloaded significant amounts of data. During the course of that investigation, and in follow-up internal investigations conducted by Acxiom, a second set of intrusions was discovered and traced to the Snipermail systems.

Acxiom sought assistance from the U.S. Attorney's Office for the Eastern District of Arkansas, the FBI and the Secret Service, who formed a task force utilizing the FBI's Regional Computer Forensics Laboratory in Dallas.

The task force claims that beginning in April 2002, individuals employed at Snipermail allegedly obtained access to databases on the ftp.acxiom.com server in Conway, Ark., and by the spring of 2003, started regularly accessing large data files and downloading them. The indictment alleges the activity continued through July 2003.

Wednesday's indictment also states that Levine and others actively concealed computers from investigators during the course of the investigation in order to hide their illicit activity and to avoid prosecution. Six other individuals associated with Snipermail have agreed to cooperate in this investigation.