DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Ripoff Report and Armor Games Hacker Sentenced to Prison

Posted on March 17, 2021 by Dissent

There’s an update to the case of a young Cypriot hacker who pleaded guilty in January to hacking Armor Games and Ripoff Report. A Nicosia court had ruled in 2019 that Joshua Epiphaniou was to be extradited here. He is the first Cypriot national ever extradited from Cyprus to the United States.

Today, the U.S. Attorney’s Office for the District of Arizona announced that Ephiphaniou, now 22, was sentenced in the Northern District of Georgia to 12 months and one day in prison, on top of the nearly four years he has already served in custody since his arrest in Cyprus in May, 2017.

As a result of his conviction, Epifaniou forfeited $389,113 and 70,000 euros to the government and paid $600,000 in restitution to the victims of his fraud in Arizona and the Northern District of Georgia.

While many news reports these days talk about threat actors making extortion demands under threat that they will dump sensitive data stolen from entities, such extortion is nothing new, as this site has noted in other posts.  Rex Mundi was doing it a decade ago, and between October 2014 and May 2017, Epifaniou would target websites, work with co-conspirators to steal personally identifiable information from the websites’ databases, and then threaten to leak sensitive data if web site owners did not pay him in cryptocurrency.

Victims of Epifaniou’s computer terrorism included an online sports news website owned by Turner Broadcasting System Inc. in Atlanta, Georgia, Armor Games in Irvine, California, a hardware company based in New York, New York, an online employment website headquartered in Innsbrook, Virginia, and Ripoff Report, headquartered in Phoenix, Arizona.

According to the USAO and court filings:

After extorting Ripoff Report, Epifaniou also hacked into its website to remove online complaints at the request of paying clients. Epifaniou and his co-conspirator, Pierre Zarokian, charged clients between $1,000 and $5,000 for each complaint removal and falsely told clients that the removals were court-ordered. Epifaniou was charged by indictment in Arizona in CR-17-1280-SMB and Zarokian was sentenced last year in CR-18-1626-MTL.

The Federal Bureau of Investigation conducted the investigation in this case. Foreign law enforcement partners also made significant contributions to the investigation, including the Office for Combating Cybercrime of the Cyprus Police. The U.S. Attorney’s Offices for the District of Arizona and for the Northern District of Georgia handled the prosecution, with assistance from the Criminal Division’s Office of International Affairs.

CASE NUMBER: CR17-00327-MHC-JKL
RELEASE NUMBER: 2021-014_Epifaniou

 

Category: Business SectorHackU.S.

Post navigation

← Hackers hacked into the system of three Prague polyclinics, e-mails and ordering system do not work
Nikkei’s Hong Kong affiliate hit by unauthorized access →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (1)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.