DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes

Posted on June 5, 2025 by Dissent

There’s an update to a previously reported case. From the U.S. Attorney’s Office, Eastern District of New York, yesterday:

Earlier today, in federal court in Brooklyn, United States District Judge Frederic Block sentenced Sagar Steven Singh, also known as “Weep,” to 27 months’ imprisonment for conspiracy to commit computer intrusion and aggravated identify theft.  On May 30, 2025, Nicholas Ceraolo, also known as “Convict,” “Anon,” and “Ominous,” was sentenced to 25 months’ imprisonment for the same offenses.

Joseph Nocella Jr., United States Attorney for the Eastern District of New York, andMichael Alfonso, Acting Special Agent in Charge, Homeland Security Investigations, New York (HSI New York) announced the sentencings.

“The defendants breached a federal law enforcement database, used multiple means to steal sensitive personal information, and exploited that data to extort and threaten innocent people and their families,” stated United States Attorney Nocella.  “This sentence sends a clear message that my Office is committed to protecting victims from digital predators and that those who exploit vulnerabilities in government systems will face jail time.”

“The defendants impersonated law enforcement, illegally accessed government databases, and even faked life-threatening situations to bypass criminal procedures through which they could obtain sensitive personal information,” stated HSI Acting Special Agent in Charge Alfonso.  “They threatened innocent victims’ livelihoods and were found to have joked about their deceptive, exploitative, and calculated scheme in messages with each other.  As a result of the HSI New York El Dorado Task Force’s commitment to justice in this case, both men will now have months in federal prison to consider the seriousness of these crimes.”

Singh and Ceraolo belonged to a group called “ViLE,” whose logo is the body of a hanging girl.

Members of ViLE sought to collect victims’ personal information, including social security numbers.  ViLE then threatened to “dox” victims by posting that information on a public website administered by a ViLE member.  Victims could pay to have their information removed from or kept off the website.

Singh and Ceraolo unlawfully used a law enforcement officer’s stolen password to access a nonpublic, password-protected web portal (the “Portal”) maintained by a U.S. federal law enforcement agency for the purpose of sharing intelligence with state and local law enforcement.  The Portal detailed nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.

The defendants used their access to the Portal to extort their victims.  Singh wrote to a victim (“Victim-1”) that he would “harm” Victim-1’s family unless Victim-1 gave Singh the credentials for Victim-1’s Instagram accounts—and appended Victim-1’s social security number, driver’s license number, home address, and other personal details.  During the conversation, Singh told Victim-1 that he had “access to [] databases, which are federal, through [the] portal, i can request information on anyone in the US doesn’t matter who, nobody is safe.”  He added: “you’re gonna comply to me if you don’t want anything negative to happen to your parents.”  Singh ultimately directed Victim-1 to sell Victim-1’s accounts and give the proceeds to Singh.

After Singh and Ceraolo accessed the Portal, they both acknowledged that their conduct was criminal.  Ceraolo wrote to Singh: “were all gonna get raided one of these days i swear.”  Later that day, Singh wrote to a contact that the “portal [] i accessed i was not supposed to be there not one bit.”  Singh said he had “jacked into a police officer’s account” and “that portal had some fucking potent tools.”  Singh continued: “it gave me access to gov databases,” followed by the names of five search tools accessible through the Portal.

The government’s case is being handled by the Office’s National Security and Cybercrime Section.  Assistant United States Attorneys Alexander Mindlin, Ellen H. Sise, and Adam Amir are in charge of the prosecution.

The Defendants:

NICHOLAR CERAOLO (also known as “Convict,” “Anon,” and “Ominous)
Age:  27
Queens, New York

SAGAR STEVEN SINGH (also known as “Weep”)
Age:  21
Pawtucket, Rhode Island

E.D.N.Y. Docket No. 23-CR-236 (FB)
Updated June 4, 2025

Related posts:

  • Two Men Charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies
  • Operation Phish Phry reels in 100 in U.S. and Egypt
  • Justice Department Announces Five Cases as Part of Recently Launched Disruptive Technology Strike Force
  • IRS’s Top 10 Identity Theft Prosecutions
Category: FederalGovernment SectorHackID Theft

Post navigation

← 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
US govt login portal could be one cyberattack away from collapse, say auditors →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.