Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information and selling it on the dark web. The man was indicted with his wife, Natasha Renee Chalk, in February 2021 and pleaded guilty to aggravated identity theft and conspiracy to commit wire fraud in March 2023. According to information contained in the indictment, Hooper opened an online account with a company maintaining a database containing the PII of millions of people in August 2018. The service, which has not been named, is used by legitimate businesses and government agencies that require lawful access to run background checks and confirm identities. Hoopen falsely claimed that the Seventh Fleet, which he served as a chief petty officer until October 2018, required access to its database to conduct background checks on Navy personnel. He then gave access to the account to his wife, who helped him conduct searches among the massive pool to locate valuable PII over the next 2.5 months. The two illegally obtained the sensitive personal information of 9,000 people and subsequently sold the data on the dark web in exchange for Bitcoin payments valued at around $160,000 at the time. In many cases, those purchasing PII from the couple leveraged it to commit crimes such as document forgery and bank fraud. "At least some of the individuals to whom Hooper and Chalk sold the PII used it to commit further crimes," explained the U.S. Department of Justice. One individual used the PII to create a fake driver's license and then tried to withdraw money from the victim's bank account." It wasn't until December 2018 that the account used by Hooper to steal people's personal information was due to suspected fraud. Hooper then engaged an unnamed co-conspirator to regain access to the database by following a similar procedure, offering to pay them $2,500 per month for "Renting" him access to the new account. Hooper provided the requested proof by producing multiple false documents of a Naval supply officer and a letter supposedly from a commanding officer. The co-conspirator submitted these to the database company, but the account was still declined, possibly based on suspected fraud. Chalk currently faces a maximum penalty of 20 years in prison and $250,000 in fines and is scheduled to hear her sentence on November 20, 2023. 23andMe hit with lawsuits after hacker leaks stolen genetics data. D.C. Board of Elections confirms voter data stolen in site hack. MGM Resorts ransomware attack led to $100 million loss, data theft. ShinyHunters member pleads guilty to $6 million in data theft damages. Shadow PC warns of data breach as hacker tries to sell gamers' info.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000