A federal grand jury in Texas has indicted Barrett Brown, a putative spokesman for the hacker collective known as Anonymous and co-author of a book-in-progress about the group, in connection with a massive data breach of Stratfor Global Intelligence, a geopolitical risk analysis organization.
Brown is in federal prison based on another indictment returned against him on October 3. In that case he’s charged with making a threat on the Internet, conspiring to make public restricted personal information of a federal employee, and retaliation against a federal law enforcement officer.
Brown was arrested after posting a three-part video to YouTube that ran more than 43 minutes in which he, among other things, threatened to “shoot… and kill” any armed government officials who sought to arrest him, “especially the FBI.”
One of the crimes Brown is accused of in the indictment is transferring a hyperlink from an Internet Relay Chat (IRC) channel apparently occupied by Anonymous to a channel controlled by Brown.
The hyperlink, according to the indictment, provided access to data stolen from Stratfor, which included more than 5000 credit card account numbers, information about their owners and their Card Verification Values (CVV). By transferring and posting the hyperlink to the Internet, Brown cause the data to be made available to persons online without the knowledge and authorization of Stratfor or the cardholders, which is a violation of federal law.
Brown is also charged with possession of at least 15 credit card numbers and their CVV codes without the knowledge of the cardholders with intent to defraud them.
In addition, the indictment accuses Brown of aggravated identity theft by knowingly transferring and possessing without lawful authority the means of identification of the credit card holders.
According to the U.S. Attorney’s Office in Dallas, the penalty for trafficking in credit card numbers carries a maximum penalty of 15 years in prison and possession of credit cards with intent to defraud, a ten-year penalty.
Each of the identity theft counts, if sustained, carry a mandatory two-year sentence and a fine of up to $250,000.
Anonymous ransacked Stratfor’s computers in December 2011 and posted to the Internet 75,000 names and credit card numbers of subscribers for the company’s services, as well as 860,000 user names and e-mail addresses of people registered at the firm’s website.
John Mello writes on technology and cyber security for a number of online publications and is former managing editor of the Boston Business Journal and Boston Phoenix. Disclosure: He also writes for Hewlett-Packad's marketing website TechBeacon.