A Florida man has been found guilty of stealing more than 1.6 billion customer records by hacking into a server belonging to information management company Acxiom Corporation.
A jury in Little Rock, Arkansas, convicted Scott Levine and his defunct bulk e-mail marketing firm, Snipermail.com, on 120 counts of unauthorised access of a protected computer, two counts of access device fraud and one count of obstruction of justice. The jury cleared him of 13 counts of unauthorised access of a protected computer, one count of conspiracy and one count of money laundering.
"Those who steal private information can expect to be aggressively investigated and brought to justice," deputy assistant attorney general Laura Parsky said.
The criminal investigation was jointly conducted by the FBI and Secret Service, Criminal Investigation Division. Levine was charged in July 2004 with breaking into an Acxiom computer database to steal personal data. Levine and other Snipermail staff downloaded around 8.2GB of personal data from the Acxiom server between April 2002 and August 2003, said the DOJ.
Levine's case went to trial in July this year. Sentencing is set for January. The maximum sentences for Levine's convictions would total 640 years in prison and/or fines of $30.75 million. Several former Snipermail employees testified against Levine that they and he had conspired to cover up physical evidence relating to the break-ins and data theft.
"This case sends a clear message that cybercrime will not be tolerated, and Acxiom is satisfied and pleased by the verdict," Acxiom said in a statement released Friday. "We believe this case sets an example and will deter others who may be attempting, or even contemplating, attacks on data security."