[ISN] Man Pleads Guilty to Hacking Acxiom Corp.

From: InfoSec News (isn@private)
Date: Fri Dec 19 2003 - 05:48:05 PST

  • Next message: InfoSec News: "[ISN] Critics: Convicted felons worked for electronic voting companies"

    http://www.eweek.com/article2/0,4149,1417836,00.asp
    
    By John Nolan
    Associated Press Writer 
    December 18, 2003   
     
    CINCINNATI (AP) - An Ohio man pleaded guilty Thursday to hacking into 
    computer records held by Acxiom Corp., a prominent database company 
    that analyzes information for many large businesses. 
    
    U.S. District Court Judge Susan Dlott accepted the guilty plea of 
    Daniel Baas, 25, of suburban Milford, and ordered him held without 
    bond pending sentencing in about two months. 
    
    Federal investigators said Baas gained unauthorized access to an 
    Acxiom computer server in Conway, Ark., and downloaded secret access 
    passwords and data files belonging to Acxiom customers from January 
    2001 to January 2003. Prosecutors said the hacks cost Acxiom at least 
    $5.8 million. 
    
    At the time, Baas worked for a Cincinnati company, Market Intelligence 
    Group, that had an agreement to analyze data for Acxiom. 
    
    Baas didn't share the proprietary information with anyone, although he 
    indicated to others that he had it, federal prosecutors said. The data 
    contained personal identification information, investigators said. 
    
    "He was a person who liked to retain data on people," said Robert 
    Behlen Jr., an assistant U.S. attorney. 
    
    Baas was motivated by curiosity to steal about 300 computer passwords 
    and the data files from Acxiom, but that doesn't excuse him under the 
    law that forbids unauthorized access to computers, defense lawyer 
    Timothy Smith said. 
    
    Clients of Acxiom, based in Little Rock, include credit card issuers, 
    banks, auto manufacturers, telecommunications companies and retailers. 
    The company has said about 10 percent of its customers were affected 
    by Baas' hacking. 
    
    Baas downloaded data from his Cincinnati office and his home, storing 
    it on CDs in his home. But the data was not used for criminal or 
    commercial purposes, U.S. Attorney Gregory Lockhart said. 
    
    The maximum sentence is five years in prison, but prosecutors said 
    Baas is likely to get less because he has accepted responsibility and 
    cooperated with investigators. 
    
    Baas also is awaiting trial on similar Ohio charges. 
    
    In exchange for Baas' plea Thursday, the government said it agreed not 
    to prosecute him for comments he allegedly made concerning President 
    Bush through Internet chat rooms. Prosecutors didn't reveal those 
    remarks, but said that investigators determined they did not amount to 
    a legitimate threat. 
    
     
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Dec 19 2003 - 08:18:35 PST