Tom Spalding reports:
A 28-year-old Indianapolis man was sentenced today to two years in state prison for trying to extort $208,00 from an insurance company after stealing a computer server.
Kevin M. Stewart was the first to be prosecuted under a law that makes it a crime to commit extortion with material from a protected computer system.
[…]
In March 2006, Stewart burglarized the Indianapolis office of AIG Medical Excess, threatening to release clients’ personal data on the Internet. The server contained the names of more than 900,000 insured persons, as well as their personal identifying information, and confidential medical information and e-mail communications. At the time of the burglary, Stewart was an employee of a private security firm that provided security services to the insurance company.
Read more on IndyStar.
The Associated Press adds that Stewart also was ordered to make restitution of $1.4 million to help cover the company’s cost of identifying and notifying those whose data was stolen. The data were recovered.