DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hacker Gets 13 Years in Prison for Massive International ID Theft

Posted on July 14, 2015 by Dissent

There’s an important update in the case that involved Court Ventures/U.S. Info/Experian, and Dun & Bradstreet, although the government doesn’t name the businesses in its press release. James Eng reports:

A Vietnamese national was sentenced to 13 years in prison for hacking into U.S. businesses’ computers, stealing personally identifiably information (PII), and selling to other cybercriminals his fraudulently-obtained access to PII belonging to approximately 200 million U.S. citizens.

Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, Acting U.S. Attorney Donald Feith of the District of New Hampshire and Director Joseph P. Clancy of the U.S. Secret Service made the announcement.

Hieu Minh Ngo, 25, was sentenced today by U.S. District Court Judge Paul J. Barbadoro of the District of New Hampshire.  Ngo previously pleaded guilty to federal charges brought in the District of New Hampshire and the District of New Jersey, including wire fraud, identity fraud, access device fraud and four counts of computer fraud and abuse.

“From his home in Vietnam, Ngo used Internet marketplaces to offer for sale millions of stolen identities of U.S. citizens to more than a thousand cyber criminals scattered throughout the world,” said Assistant Attorney General Caldwell.  “Criminals buy and sell stolen identity information because they see it as a low-risk, high-reward proposition.  Identifying and prosecuting cybercriminals like Ngo is one of the ways we’re working to change that cost-benefit analysis.”

“This case demonstrates that identity theft is a worldwide threat that has the potential to touch every one of us,” said Acting U.S. Attorney Feith.  “I want to acknowledge the excellent work of the United States Secret Service in identifying and capturing Mr. Ngo.  This case proves that the United States Attorney’s Office for the District of New Hampshire will work with law enforcement to investigate and prosecute identity thieves, even if they are halfway around the world.”

“The sentencing of this transnational cybercriminal illustrates another example of Secret Service success in the disruption and dismantling of global criminal networks,” said Director Clancy.  “This investigation and the resulting prosecution and sentencing should serve as a warning to criminals that we will relentlessly investigate, detect, and defend the Nation’s financial infrastructure.  This sentencing joins a long list of successes in combating financial crimes over our 150 year history.”

According to admissions made in connection with his guilty plea, from 2007 to 2013, Ngo operated online marketplaces from his home in Vietnam, including “superget.info” and “findget.me,” to sell packages of stolen PII.  These packages, known as “fullz,” typically included a person’s name, date of birth, social security number, bank account number and bank routing number.  Ngo also admitted to acquiring and offering for sale stolen payment card data, which typically included the victim’s payment card number, expiration date, CVV number, name, address and phone number.  Ngo admitted that he obtained some of the stolen PII by hacking into a New Jersey-based business and stealing customer information.

In addition to selling the “fullz,” Ngo admitted to offering buyers the ability to query online databases for the stolen PII of specific individuals.  Specifically, Ngo admitted that he offered access to PII for 200 million U.S. citizens, and that more than 1,300 customers from around the world conducted more than three million “queries” through the third-party databases maintained on his websites.

Ngo made nearly $2 million from his scheme.  The Internal Revenue Service has confirmed that 13,673 U.S. citizens, whose stolen PII was sold on Ngo’s websites, have been victimized through the filing of $65 million in fraudulent individual income tax returns.

The case was investigated by the U.S. Secret Service’s Manchester Resident Office.  The case is being prosecuted by Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Arnold H. Huftalen of the District of New Hampshire.

The case out of the District of New Jersey was investigated by the FBI, and is being prosecuted by the U.S. Attorney’s Office of the District of New Jersey.

SOURCE: U.S. Attorney’s Office, District of New Hampshire

Category: Business SectorHackID TheftOf NoteU.S.

Post navigation

← Update: Former Dothan police officer faces more ID theft charges
722 UPMC Health Plan customers affected by data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.