Michigan man pleads guilty to wireless hack into stores

Brian Salcedo could face up to 18 years in prison

By Paul Roberts

June 7, 2004 12:00 PM ET

Recommended

IDG News Service - A Michigan man pleaded guilty on Friday to four counts of wire fraud and unauthorized access to a computer after he and two accomplices used a vulnerable wireless network at a Lowe's Companies Inc. store in Michigan to attempt to steal credit card numbers from the company's main computer systems in North Carolina and other Lowe's stores in the U.S.
Brian Salcedo could face up to 18 years in prison for the crime, which the government claims could have caused more than $2.5 million in damages. However, federal prosecutors will ask for a more lenient sentence in exchange for Salcedo's cooperation in other investigations stemming from the incident and full disclosure of details about the intrusions on Lowe's network, according to a copy of the plea agreement.
The case stems from a series of hacks in October and November 2003 in which Salcedo's two alleged accomplices, Adam Botbyl and Paul Timmins, discovered a loosely protected wireless LAN connection at a Lowe's store in Southfield, Mich., while scanning for open connections -- or "war driving" -- in the area.
The trio subsequently used the open access point to compromise the entire corporate network of the Mooresville, N.C.-based home improvement retail chain, hacking into stores in California, Kansas, South Dakota and other states in the weeks that followed. Among other things, the three attempted to install a modified version of a credit processing program called "tcpcredit" that skimmed credit account information for every transaction processed at a particular Lowe's store, according to the indictment filed with the U.S. District Court for the Western District of North Carolina.
In November, a grand jury indicted the three on 16 counts of wire fraud and unauthorized intrusion. In May, both Salcedo and Botbyl reached plea agreements, with Botbyl agreeing to plead guilty to one count of conspiracy to gain unauthorized access to a nationwide computer network.
The third member of the group, Paul Timmins, is scheduled to appear in court for arraignment on June 28.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Cybercrime/Hacking

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.