http://www.washingtonpost.com/wp-dyn/content/article/2005/07/12/AR2005071201423.html
By DAVID HAMMER
The Associated Press
July 12, 2005
LITTLE ROCK, Ark. -- Four Acxiom Corp. employees told jurors Tuesday
about their discovery that the database-management company's computer
system had been penetrated, and how they responded.
The group testified as federal prosecutors opened their case against a
Florida man accused of hacking into Acxiom Corp.'s system and
downloading credit card numbers and other personal information.
Scott Levine, former chief executive of the bulk e-mail firm
Snipermail.com Inc., based in Boca Raton, Fla., faces 144 counts from
a July 2004 indictment in what prosecutors described as one of the
largest computer crime cases ever. Levine is accused of stealing 8.2
gigabytes of information from Acxiom, one of the world's largest
database companies. The violations occurred from around April 2002 to
August 2003.
The data included names, home addresses, phone numbers, e-mail
addresses, bank and credit card numbers involving millions of
individuals. But prosecutors determined that no identity fraud was
committed. There was, however, a sale of information to a marketing
company, prosecutors say.
Tuesday, Levine trucked several boxes of documents from U.S. District
Judge William R. Wilson Jr.'s courtroom after five government
witnesses testified in the case.
Jamie Holt, Jay Calloway, Dave Cramer and Steve Bour described how
they discovered their data had been breached and how they reported it
to the FBI and Secret Service. U.S. Attorney Bud Cummins said that
turned out to be a great benefit to the investigation.
"It turned out to be advantageous to us because the FBI and Secret
Service have different assets in different parts of the country, with
their expertise in cybercrime," Cummins said.
Levine's former colleague at Snipermail, Jeff Berstein, also began
testimony for the government Tuesday by describing Snipermail's inner
workings. After the jury was dismissed for the day, Levine's lawyer,
David Garvin, asked Wilson to exclude testimony about Levine's
previous role as the head of a Florida energy resaler called Friendly
Power.
The prosecutors argued that Snipermail essentially picked up where
Friendly Power left off after it was fined $250,000. Wilson was still
considering the matter Tuesday evening.
Some of the evidence in the case is sealed and Wilson signed an order
Tuesday "barring the gratuitous identification of Acxiom clients
affected by the facts that give rise to this case."
The indictment alleged that Levine and six co-workers decrypted
passwords to gain greater access to Acxiom data and would "incorporate
the stolen data into the Snipermail system and sell the newly acquired
information together with their existing data to Snipermail clients."
The counts against Levine included unauthorized access of a protected
computer, conspiracy, access device fraud, money laundering and
obstruction of justice.
© 2005 The Associated Press
_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 -
2,000+ international security experts,
10 tracks, no vendor pitches.
www.blackhat.com
