DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Oilpro.Com Founder Pleads Guilty to Hacking Competitor

Posted on December 28, 2016 by Dissent

There’s an update to a case noted on this site earlier this year.  From the U.S. Attorney’s Office, Southern District of NY on December 19:

Preet Bharara, the United States Attorney for the Southern District of New York, and William F. Sweeney Jr., Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that DAVID W. KENT, the founder of professional networking website Oilpro.com (“Oilpro”), pled guilty this morning before U.S. District Judge Denise L. Cote in Manhattan federal court to a superseding Information, which charged him with one count of intentionally accessing a protected computer without authorization.  The charge stemmed from KENT’s role in repeatedly hacking into a competitor’s database to steal customer information and attempting to sell Oilpro to the same company whose database KENT had hacked.

Manhattan U.S. Attorney Preet Bharara said:  “David Kent has admitted to his role in hacking into a competitor’s network and stealing client data in order to boost the value of Oilpro, a company he founded.  Kent then attempted to sell Oilpro to the very company he hacked.  Using cyber hacking to gain advantage over a competitor is not only an unfair business practice, but is a federal crime for which Kent has now pled guilty.”

FBI Assistant Director William F. Sweeney said:  “Today, David Kent pled guilty to intentionally accessing a protected computer without authorization. This is a stern reminder to others that unauthorized access to a computer is a federal crime with severe penalties; even just a quick look at the data on the computer can lead to a prison sentence and that never leads to a leg up in business.”

According to the superseding Information, the previously filed Complaint, and statements made at public court proceedings:

In or about March 2000, KENT founded a website (“Website-1”) that provides, among other things, networking services to professionals working in the oil and gas industry.  Website-1 allows its members to create profiles, which includes personal and professional information.  As part of their profiles, members can also upload their resumes.  The profiles are contained in a database maintained by Website-1 (the “Members Database”).  Members are assigned login credentials (i.e., usernames and passwords) when they create their profiles.  Members use these login credentials to access their profiles.

In or around August 2010, KENT sold Website-1 for approximately $51 million to a publicly traded company headquartered in New York, NY (“Company-1”).  KENT entered into an employment agreement with Company-1 and agreed to continue to serve as the president of Website-1 after the acquisition.  However, KENT left Website-1 in September 2011 and launched Oilpro in October 2013.  Like Website-1, Oilpro provides networking services to professionals working in the oil and gas industry.  Oilpro is headquartered in Houston, Texas.

Between October 2013 and February 2016, KENT conspired to access information belonging to Website-1 without authorization and to defraud Company-1.  KENT accessed the Website-1 Members Database without authorization and stole customer information, including information from over 700,000 customer accounts.  KENT then exploited this information by inviting Website-1’s members to join Oilpro.  Similarly, one of Kent’s employees at Oilpro who previously worked for Website-1 (“CC-1”) accessed information in Website-1’s Google Analytics account without authorization and forwarded the information to KENT.  In the meantime, KENT attempted to defraud Company-1 by misrepresenting during discussions about a potential acquisition of Oilpro by Company-1 that Oilpro had increased its membership through standard marketing methods.

*                *                *

KENT, 41, of Spring, Texas, was arrested on March 30, 2016.  KENT pled guilty today to one count of intentionally accessing a protected computer without authorization, which carries a maximum penalty of five years in prison.

The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

KENT is scheduled to be sentenced by Judge Cote on March 17, 2017, at 2:00 p.m.

Mr. Bharara praised the investigative work of the Federal Bureau of Investigation.  Mr. Bharara also thanked the Office of International Affairs and the United Kingdom’s National Cyber Crime Unit (NCCU), and noted that the investigation is continuing.

This case is being handled by the Office’s General Crimes Unit.  Assistant United States Attorneys Sidhardha Kamaraju and Andrew K. Chan are in charge of the prosecution.

h/t, Bleeping Computer

Category: Business SectorHackInsiderU.S.

Post navigation

← PBSO deputy tied to $283,000 identity-theft scam
More than 10,000 medical marijuana establishment agent applicants in Nevada had their personal info exposed online →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.