Edward Pearson, a 23-year-old student from York, northern England, used two Trojans as well as his own code to get hold of credit card details, passwords, dates of birth, names and addresses, some of which was stolen from 200,000 PayPal accounts. The data was taken between January 1, 2010, and August 30, 2011.
Pearson was put behind bars for two years and two months this week, though the judge said it would have been for longer if he had made use of the stolen data, which the prosecution claimed could have netted him as much as $1.3 million (£834,000) in fraudulent transactions.
Nokia and AOL
The hacker infiltrated Nokia’s internal network and stole the personal details of more than 8,000 staff members, causing the network to be shut down for two weeks. He also stole data from employees of Internet company AOL.
The details of more than 2500 credit or debit cards were found on his computers, together with the names, dates of birth and zip codes of over eight million people in the UK. If all the information was printed out on both sides of A4, it would have filled nearly 70,000 sheets, police said.
Pearson’s crime only came to light when his girlfriend was caught booking rooms at luxury hotels using information stolen from credits cards and PayPal accounts. She was given a 12-month supervision order for her wrongdoing.
Pearson also admitted that he had shared some of the stolen data, though insisted he hadn’t exchanged it for money.
Defending the hacker, Andrew Bodnar said Pearson’s actions had been carried out as an “intellectual challenge” rather than for financial gain.
Pizzas and phone bills
“This is a young man who has very advance computer skills, but has put them to the wrong use, but he is not the criminal mastermind that everyone claims he is,” Bodnar told the court, pointing out that his fraudulent spending — mainly for take-out pizzas and paying off his mobile phone bills — had only amounted to $3,700 (£2,351). Of course, had he not been caught, this figure would have been somewhat different.
Judge Ann Mulligan described the crime as “very sophisticated.”
“Your computers and software were a devastating tool kit,” she said, adding, “You had a staggering amount of personal details.”
Staggering indeed — 8.1 million people represents 13 percent of the UK’s entire population.