Seattle man gets 51 months in jail in ID theft case
Gregory Kopiloff pleaded guilty to charges of ID theft over P2P
Computerworld - Gregory Kopiloff, a Seattle man who pleaded guilty last November to stealing identity information over peer-to-peer (P2P) file-sharing networks has been sentenced to 51 months in prison.
In addition, Seattle District Court Judge James Robart ordered Kopiliff to serve in a three-year supervised-release program at the end of his prison term.
Kopiloff, 35 was arrested by federal authorities in September 2007 and charged with using P2P software such as LimeWire and Soulseek to snoop for and steal banking and credit information belonging to users on file-sharing networks. He was the first person in the U.S. to be indicted on charges of committing identity theft over P2P networks.
According to court documents, between March 2005 and August 2007, Kopiloff surreptitiously gained access to banking, financial and personal data stored on the computers of other users on file-sharing networks. To get to that data, Kopiloff sometimes searched specifically for federal income tax returns, student financial aid applications and credit reports stored on users' systems. He also used the data to screen potential victims based on their income levels and credit histories in order to identify the most credit-worthy people.
He then used the stolen data to open fraudulent credit accounts or to make fraudulent purchases that he then had shipped to different locations in the Seattle area. The merchandise was later resold -- typically for half its purchase price, court documents said.
At the time of his arrest, Kopiloff had bought between $73,000 and $120,000 worth of merchandise using identity information belonging to at least 83 people.
Kopiloff in November pleaded guilty to mail fraud, accessing a protected computer without authorization to further fraud and aggravated identity theft. He faced a maximum of 20 years in prison and fines of up to $250,000.
Robart's sentence appeared to be in line with the government's call for a 54-month prison term.
In arguing for a prison term, prosecutors described Kopiloff's use of P2P networks as a "particularly pernicious and devious" technique for committing identity theft. "The defendant exploited the recent developments in 'peer to peer' computer file-sharing technology to access the most private financial information imaginable from the personal home computers of scores of victims located throughout the United States," Assistant U.S. Attorney Kathryn Warma said in court documents.
Warma noted that the use of P2P software on home computers, sometimes installed by young people without their parents' consent, can open up all of the data on these systems to criminals. Typically, victims have no clue how their identity information and other confidential data leaked out, she said.
Warma said that Kopiloff's techniques were not "run of the mill" and deserved a "sentence at the high end" of what would be applicable.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts