This Suspected Hacking Scheme May Have Targeted 60 Million People

Hand on computer mouse over laptop touch pad
Photograph by Altrendo via Getty Images

Three men were arrested on Monday for engaging in a wide-ranging hacking and spamming scheme that targeted personal information of 60 million people including Comcast (CMCSA) customers, U.S. prosecutors announced Tuesday.

Timothy Livingston, 30, Tomasz Chmielarz, 32, and Devin McArthur, 27, were named in an indictment filed in federal court in Newark, N.J. that charged them with conspiracy to commit fraud and related activity among other offenses.

Prosecutors said Livingston, a Boca Raton, Fla., resident, was the leader of a series of computer hacking and illegal spamming schemes that targeted multiple companies and generated illegal profits exceeding $2 million.

The three men were arrested at their respective residences on Tuesday morning, a spokesman for U.S. Attorney Paul Fishman in New Jersey said.

Michael Koribanics, Chmielarz’s lawyer, said his client would plead not guilty at a court hearing on Tuesday. A lawyer for Livingston did not immediately respond to a request for comment, and an attorney for McArthur could not be identified.

Prosecutors said Livingston, who owned a spam company called “A Whole Lot of Nothing LLC,” hired Chmielarz of Rutherford, N.J. to author hacking tools and other programs that facilitated the hacking and spamming schemes.

Among the companies they targeted was a Pennsylvania-based telecommunications company that employed McArthur, a resident of Ellicott City, Md., who installed hacking tools in company networks to gain access to records for 50 million people, prosecutors said.

The company was not identified by name in court papers. But McArthur’s LinkedIn page says he worked at Comcast Corp during the period in question. A Comcast spokeswoman had no immediate comment.

Livingston and Chmielarz also compromised tens of thousands of peoples’ email accounts, including customers of a New York telecommunications company, which they then used to send spam, the indictment said.

Other companies targeted in the schemes included a New York-based technology and consulting company whose website was compromised and a Texas-based credit monitoring firm that was hacked, the indictment said.

In the case of the unnamed credit monitoring firm, the indictment said Livingston paid Chmielarz to write a program to steal a database containing 10 million records.

When law enforcement seized Livingston’s computer in July, they discovered a database with 7 million of that company’s records, the indictment said.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward