Howard Mintz reports:
A federal grand jury on Thursday indicted an alleged computer hacker who is accused of trying to extort $1 million from a Redwood City-based online company by stealing its private data and threatening to release it publicly.
In a three-count indictment handed up in San Jose federal court, prosecutors allege Chetan Suresh Bendale carried out the failed plot in the summer of 2009 against the oDesk Corp., described as an online marketplace to match up tech employers and contractors.
The indictment alleges that Bendale, using the name Rohit Komar, hacked into oDesk’s domain name account at Mydomain.com, stole the password and security settings and seized control over the company’s confidential information. Bendale then sent threatening e-mails to oDesk executives “demanding the company pay him one million dollars or he would sell oDesk’s information or release it on the Internet.”
Read more on: Mercury News.
So did Bendale acquire personally identifiable information on contractors that could be used for ID theft? And if so, did oDesk ever notify people about this incident other than law enforcement?
Update: It seems that no customer PII was involved. See also oDesk’s blog entry.