Ex-GM security guard charged with hacking into company's database

Computerworld - A former security guard at a General Motors Corp. technical center has been charged with stealing documents containing the names and Social Security numbers of about 100 GM employees and using those numbers to hack into the company's employee-vehicle database, county police said.

The ex-employee, James S. Green, of Washington Township, Mich., then sent e-mails to those employees asking them questions about their vehicles.

Green was arraigned Monday on eight counts of obtaining, possessing or transferring personal identity information, one count of using a computer to commit a crime and one count of stalking that was unrelated to the GM cases. He was released after his family posted 10% of a $50,000 bond, Wickersham said.

"We were notified in January by GM Security that they suspected that a possible ex-employee was in possession of employee information [and] was sending annoying e-mails to GM employees, and that this ex-employee was possibly still in possession of employee information," said Capt. Anthony Wickersham, of the Macomb County Sheriff's Department. "So our computer crimes unit took the case and, during their investigation, they discovered that these e-mails were being sent from a library in Washington Township from a Yahoo account. We went up there, and we found this guy [in the library]. We interviewed him and he told us everything that he was doing."

Sometime in the early 1990s, Green worked as a contracted security guard for GM at its technical center in Warren, Mich., Wickersham said. During that time, he stole papers that contained the Social Security numbers of employees who worked there. He had the papers in his possession all this time, he said.

"He would access the GM vehicle database for employees, but to enter it, you'd have to have your Social Security number. So he would enter a Social Security number and find out that Mr. Smith drives a 2006 Corvette, red in color, with all these options, and then he would e-mail Mr. Smith from his Yahoo account and pretend he was like a quality assurance-type guy from GM and just ask him questions about how it drives, how it handles -- stupid questions like that. And he would send multiple e-mails out to these people, which became annoying and also became a concern to them because he had a lot of information about these people. And that's when they contacted GM security, and they did an internal investigation and forwarded it to us."

Wickersham said Green told police he sent the e-mails out of "boredom."