TMCnet News
Trial Against Accused Acxiom Hacker Begins: 144 Counts FacedThe trial against accused Acxiom hacker Scott Levine began this week. Levine faces 144 counts for breaching the database-management company’s computer system and selling millions of people’s personal information. By DAVID R. BUTCHER Assistant Editor, Customer Interaction Solutions The trial against accused Acxiom Corp. hacker Scott Levine has begun in Arkansas. Indicted on 144 counts, the charges against Levine include unauthorized access of a protected computer, conspiracy, access device fraud, obstruction of justice and money laundering, in what prosecutors described as one of the largest computer crime cases ever. Arkansas-based Acxiom is one of the largest customer data management services companies in the world, and it manages personal information on millions of consumers, as well as financial and other internal data for companies. Coincidently, the firm prides itself as being a leader on consumer privacy issues. Levine is former chief executive of Boca Raton, Fla.-based Snipermail.com Inc., a bulk e-mail firm. The July 2004 indictment consequently sprung from a separate case last year in which an Ohio man, Daniel Baas, pleaded guilty to hacking into an Acxiom server. The breach involved one external FTP server outside Acxiom’s firewall that is used to transfer files back and forth between Acxiom and its clients. The company said no internal databases were accessed and no breach penetrated its firewall. It was during follow-up investigations into that case when the company uncovered a second set of infiltrations, which came from a different IP address, tracing back to Levine. A group of four Acxiom employees told jurors on Tuesday about their discovery that the company’s computer system had been penetrated, and how they responded. The group testified as federal prosecutors opened their case against Levin, who after allegedly hacking into the company’s system, then downloaded 8.2 gig.-worth of bank and credit card numbers, home and e-mail addresses as well as phone numbers — involving millions of people. The violations took place over a 16-month period, from around April 2002 to August of the following year. Prosecutors determined that no identity fraud was committed. However, there was a sale of information to a marketing company. The indictment alleged that Levine and six co-workers decrypted passwords to gain greater access to Acxiom data, at which point they would “incorporate the stolen data into the Snipermail system and sell the newly acquired information together with their existing data to Snipermail clients.” Levine’s former colleague at Snipermail, Jeff Berstein, also began testimony for the government this week by describing Snipermail’s inner workings. After the jury was dismissed for the day, Levine’s lawyer, David Garvin, asked U.S. District Judge Wilson to exclude testimony about Levine’s previous role as the head of Florida energy reseller Friendly Power. The prosecutors argued that Snipermail essentially picked up where Friendly Power left off after it was fined $250,000. Wilson was still considering the matter Tuesday evening. Trial is expected to last several weeks. A lawyer for Levine says his client expects to be found innocent. ----- David Butcher is Assistant Editor of Customer Interaction Solutions. To see more articles by David Butcher, please visit: http://www.tmcnet.com/tmcnet/columnists/columnist.aspx?id=100008&nm=David%20 R.%20Butcher |