Darknet Data Hack: Hacker Pleads Guilty On Stolen Database Sale

1
512
darknet-data-hack

A Michigan man has pleaded guilty on Thursday morning for conducting a darknet data hack. He had hacked a database of UPMC employees in 2014 and stole the personal information of over 65,000 people. The accused had also sold the stolen data on the dark web.

The accused, identified as Justin Sean Johnson, aged 30 years, has been scheduled to hear his sentence in around four months by the U.S. District Chief Judge, Mark Hornak. Currently, he is being held in the prison of Butler County. He had appeared for Thursday’s hearing on an online video program.

After pleading guilty, the accused faces a maximum of seven years behind bars. He had pleaded guilty to only two of the 43 counts against him. The imprisoned has pleaded guilty to a single count of the conspiracy and another single count of the aggravated identity theft under the darknet data hack. However, he had accepted all that he had been accused of and laid out in his indictment.

The Assistant U.S. Attorney Greg Melucci, investigators with the IRS, the U.S. Postal Service, along with the U.S. Secret service, had conducted an almost five-year investigation on the accused and his co-conspirators. In the investigation, they had found that the accused had by that time become an expert in the PeopleSoft software that UPMC used. He had successfully made use of that expertise to conduct the darknet data hack of the UPMC employees’ database.

After acquiring the required information, he had sold the data via the alias or moniker “The Dearth Star”. He later also used another alias called “Dearthy Star” on the dark web.

“Virtually every UPMC employees’ [personally identifiable information] was victimized,” Melucci said. “The intruder clearly had a high skill set.”

In 2014, as the prosecutor continued, the IRS had received hundreds of fake 2013 tax returns. He had sought to have the refunds sent as gift cards on Amazon.com. Then, the Amazon gift cards were used to purchase electronics merchandise valuing hundreds of thousands of dollars. Then the merchandise sets were delivered to Venezuela.

Luckily, one of the co-conspirators named Yoandy Perez Llanes got arrested in Venezuela. The co-conspirator pleaded guilty in Pittsburgh in 2017. As per the U.S. Attorney’s office, over $1.7 million were filed as false returns. 

Even after the charges had been filed against the co-conspirators, Johnson had continued to trade the stolen data on the darknet websites. Melucci stated that the accused had regularly advertised the stolen details in 2016 and 2017. He had mentioned that the stolen information was of over 45,000 people. He had sold all the stolen credentials via darknet data hack online on the dark web sites for cryptocurrency.

Adding to the UPMC stolen data, the investigators had found out that the personal information of additional 89,310 individuals was recovered. All of them were related to electronic merchandise. The data was retrieved while Johnson was arrested in Detroit in 2020. The investigators revealed that the data arrived from Butler University in Indianapolis, medical centres in Georgia, Daytona State College in Florida, medical colleges in South Carolina, and other New Jersey, California, and Oregon colleges.

Throughout the tenure of the investigation, Melucci had stated to the court that the agents had found numerous chats where the defendant had offered tax advice and boasted about his proficiency with PeopleSoft.

The evidence uncovered on his computer had revealed that Johnson had deliberately searched for the information regarding any criminal charges that might have been filed against him. This had even included the federal court databases and also checking for the national criminal warrants.

Source: Trib Live


Disclaimer: Read the complete disclaimer here.

1 COMMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here

*

code