DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hungarian Citizen Pleads Guilty to Hacking into Marriott Computers and Attempting to Extort Employment from the Company

Posted on November 23, 2011 by Dissent

A Hungarian citizen pleaded guilty today to intentionally causing damage by transmitting a malicious code to Marriott International Corporation computers and to threatening to reveal confidential information obtained from the company’s computers if Marriott did not offer him a job.

Assistant Attorney General Lanny A. Breuer of the Justice Department’s Criminal Division announced the guilty plea with U.S. Attorney for the District of Maryland Rod J. Rosenstein and Special Agent in Charge David Beach of the U.S. Secret Service, Washington Field Office.

According to the plea agreement, Attila Nemeth, 26, admitted that on Nov. 11, 2010, he sent an initial email to Marriott personnel, informing them that he had been accessing Marriott’s computers for months and had obtained proprietary information. Nemeth threatened to reveal this information if Marriott did not give him a job maintaining the company’s computers.

On Nov. 13, 2010, after receiving no response from Marriott, Nemeth sent another email containing eight attachments as proof of the intrusion and acquisition of their files. These documents included financial documentation and other confidential and proprietary information. Nemeth admitted that he had gained access to their system through an infected email attachment sent to specific Marriott employees.

On Nov. 18, 2010, Marriott created the identity of a fictitious Marriott employee for the use by the U.S. Secret Service in an undercover operation to communicate with Nemeth. Nemeth, believing he was communicating with Marriott human resources personnel, continued to call and email the undercover agent, and demanded a job with Marriott in order to prevent the public release of the Marriott documents. Nemeth emailed a copy of his Hungarian passport as identification and offered to travel to the United States.

On Jan. 17, 2011, Nemeth arrived at Washington Dulles Airport on a ticket purchased by Marriott, for an “employment interview.” The “interview” was conducted by a Secret Service agent assuming the role of the Marriott employee with whom Nemeth believed he had been communicating. During the course of the “interview,” Nemeth admitted that he accessed Marriott’s computer systems; stole Marriott’s confidential and proprietary information; and initiated the emails to Marriott threatening to publicly release Marriott’s data unless he was given a job on his terms by Marriott. To further prove his identity as the perpetrator, Nemeth demonstrated exactly how he accessed the Marriott network; his continued ability to access the Marriott network; and the location of the stolen Marriott proprietary data on a computer server located in Hungary.

The intrusion resulted in Marriott engaging more than 100 of its employees in a thorough search of its network to determine the scope of the compromise and to identify the data that may have been compromised. The loss to Marriott as a result of the intentional damage caused by Nemeth is between $400,000 and $1 million dollars in salaries, consultant expenses and other costs.

Nemeth faces a maximum penalty of 10 years in prison for the transmission of the malicious code and a maximum of five years in prison for threatening to expose confidential and proprietary information if Marriott did not give him a job.

Sentencing is scheduled for Feb. 3, 2012, at 11 a.m. Nemeth remains detained.

Related posts:

  • EXCLUSIVE: Marriott hacked again? Yes. Here’s what we know.
  • UFC Website hacked and defaced by anonymous after Dana white starts trouble #OpUFC
  • NY: Developer arrested for theft of source code from former employer
  • Marriott notifies associates of breach at unnamed vendor
Category: Breach IncidentsBusiness SectorHack

Post navigation

← Fairly big dump of accounts from globeclassroom.ca
University of Kentucky HealthCare notifying almost 900 patients that lost phone may have contained information on them →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Breaches have consequences (sometimes)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity
  • Patient death at London hospital linked to cyber attack on NHS
  • ShinyHunters and team members arrested in France (2)
  • Texas Enacts Liability Shield From Punitive Damages for Certain Small Businesses That Adopt Cybersecurity Programs
  • Dublin ETB fined €125,000 for data protection breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.