Three men have been charged over a hacking scheme that allegedly collected tens of millions of personal records for use in spam campaigns.
U.S. prosecutors say the trio broke into the networks of three companies and improperly accessed the network of a fourth one where one of the men was employed.
Their primary goals revolved around obtaining email addresses for consumers in order to advertise insurance companies or online sites that sold narcotics without prescriptions, according to a news release.
They also used used the email systems of some hacked companies to send spam in an attempt to avoid antispam security filters.
Those indicted are Timothy Edward Livingston, 30, of Boca Raton, Florida; Tomasz Chmielarz, 32, of Rutherford, New Jersey; and Devin James McArthur, 27, of Ellicott City, Maryland.
They have been charged with conspiracy to commit fraud and related activity in connection with computers and conspiracy to commit wire fraud. The DOJ said Livingston and Chmielarz have also been charged with conspiracy to commit fraud and related activity in connection with electronic mail.
The indictment does not name the companies targeted but described them. One is a major telecommunications company and the second a technology consulting company, both based in New York.
The third one is a credit monitoring service based in Texas, and the fourth a telecommunications company in Pennsylvania.
For about a year, McArthur worked for the fourth company. He is accused of giving access to the other two men to the company’s network through a remote access administration tool. As many as 24.5 million records were eventually stolen from the company.
The spamming activities generated up to $2 million. Prosecutors allege that Livingston charged his clients between $5 to $9 if a spam email resulted in a purchase.