Computer expert who stole eight million people’s personal details for an ‘intellectual challenge’ jailed for two and half years

 

• Program scanned through 200,000 PayPal accounts
• Part of Nokia internal network temporarily shut down
• Girlfriend used stolen card details to try and pay for luxury hotels
• Hacker hoarded enough personal details to fill 67,500 double-sided A4 pages

 

MAIL Online (UK)

By Phil Vinter

3 April 2012

 

 

A computer hacker illegally acquired enough credit and debit card details to carry out a potential £800,000 worth of fraud.

Edward Pearson, 23, of Lendale, York, used a trojan virus to download thousands of credit card details along with the postcodes, passwords, names and dates of birth of more than eight million people in the UK.

One of his programs scanned through 200,000 accounts registered to online payment service PayPal – identifying names, passwords and current balances.

Pearson, an ‘incredibly talented’ boarding school student who carried out the crime for an ‘intellectual challenge’, has been jailed for two years and two months.

He also managed to shut down part of the mobile phone giant Nokia’s internal network for two weeks after hacking in and copying the details of over 8,000 members of staff, Southwark Crown Court heard.

His 21-year-old girlfriend, Cassandra Mennim, a sociology student at the University of York, triggered a police inquiry after she tried to pay for luxury hotel stays using stolen credit card details.

Pearson was arrested after investigators linked a web alias, ‘G-Zero’, which had appeared on hacking forums, to his personal email address.

On one of his computers officers found 8,110,474 names, dates of birth, and postcodes for adults living in the UK.

Police officers in the case said that if the details were printed onto double-sided A4 it would fill a staggering 67,500 sheets.

David Hughes, prosecuting, said the hacker had carried out a series of ‘sophisticated, planned frauds.’

He said: ‘Pearson used his considerable expertise for his criminal intentions.

‘When police examined other computers they found the details of 2,701 credit or debit cards.

‘Based on the average fraud used on a single card being £309, the potential gain to be made by him was £834,000.

‘In fact the actual fraud on these credit and debit cards attributed to Pearson amounted to £2,351, but the total on the cards was £39,832.’

The details were all stolen over an 18-month period between January 1, 2010, and August 30, 2011.

Pearson coded trojan viruses, called Zeus, SpyEye and Python, to automatically scour the internet in search of personal details.

His Python program successfully downloaded the details of 200,000 PayPal accounts.

Mr Hughes added that Pearson had hacked into the systems of Nokia and web giant AOL to gain access to their employees’ details, as well as other sensitive information.

‘This had a significant negative impact on the company, which had to shut its networks down for two weeks while checks were carried out on it,’ he said.

Mennim was caught after booking rooms at the Cedar Court Grand Hotel and Lady Anne Middleton Hotel, both in York, using stolen credit card details and PayPal accounts.

Andrew Bodnar, defending Pearson, said his hacking had not been for financial gain, but more as an intellectual challenge.

‘This is a young man who has very advance computer skills, but has put them to the wrong use, but he is not the criminal mastermind that everyone claims he is.

‘The total amount of money he fraudulently amounted, is the figure of £2,351.

 

 

‘These have been done using the Paypal accounts, to order pizza and other takeaway foods, and to pay for mobile phone accounts.

‘It is fair to say that he produced the Trojan, Zeus and other software as an intellectual challenge, and he hacked into Nokia to see if he could.’

He added that although he had shared some of the details, he had never sold them.

 

Stephen Grattage, defending Mennim, who gained 9 A’s and 4 A*’s at GCSEs, said she was a vulnerable young women who had found comfort in Pearson following a difficult previous relationship.

‘She stands before the court, saying she is ashamed of herself, and she is ashamed of her actions and is very sorry.

‘She says she will pay back the money that she owes to the hotel.’

Sentencing Pearson to two years and two months and handing Mennim a 12 month supervision order the judge Ms Recorder Ann Mulligan said: ‘It is extremely regrettable that you two promising young individuals find yourself in the dock.

‘This was a very sophisticated crime, in which you managed to access highly confidential information and put many many individuals at risk of attack.

‘You had a staggering amount of personal details, 8.1 million, which included names, dates of births, credit and debit card details and security codes, the use of which they could have been used for, is hard to imagine.

‘Your computers and software were a devastating tool kit.

‘I accept that you didn’t sell this information, but you shared it with other computer programmers, and you had no way of knowing how they might use this information.

 

‘This stupendous criminality was not about financial gain, but about an intellectual challenge.’

Pearson, originally from Blandford Forum, Dorset, and now of Lendale, York, admitted making an article for use in fraud and two counts of possession of an article for use in fraud.

Mennim, of Balmoral Terrace, South Gosforth, Newcastle upon Tyne, admitted two counts of obtaining services dishonestly.

 

 

Direct Link:  http://www.dailymail.co.uk/news/article-2124114/Computer-hacker-Edward-Pearson-Lendale-York-stole-million-people-s-personal-details-jailed-half-years.html