DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

FBI arrests man for theft and attempted extortion of AIG

Posted on November 8, 2008 by Dissent

While I was travelling last month, I apparently missed an important news item. In light of this week’s reports of a significant breach and extortion attempt of Express Scripts, this earlier news release from the FBI in Indianapolis is particularly timely:

Michael S. Welch, Special Agent in Charge of the Indianapolis Office of the Federal Bureau of Investigation (FBI); Steve Carter, Indiana Attorney General; and Chief Michael Spears, Indianapolis Metropolitan Police Department jointly announced today the arrest of Kevin Michael Stewart by the FBI Cyber Crime Task Force and the Safe Streets Task Force in Indianapolis, Indiana at 12:30 a.m. this morning.

Stewart is currently facing federal charges arising from the March 31, 2006 burglary of a computer server from the Indianapolis office of Medical Excess LLC, a member company of AIG. The server contained personally identifying and health care sensitive information for over 900,000 policy holders. Stewart is also accused of extorting AIG for $208,000 under a threat to release the data onto the Internet beginning on July 23, 2008. A criminal complaint has been filed with the U.S. District Court for the Southern District of Indiana alleging violations of the extortion statute, Title 18, U.S.C. § 875 and the newly enacted Title 18 U.S.C. § 1030(a)(7)(B) and (C), which make it a federal crime to commit extortion relating to unauthorized access of, or damage to, a protected computer system and/or to impair the confidentiality of information obtained from a protected computer. “Stewart is believed to be the first person in the United States to be charged under this new criminal statute, which is designed to address the theft of large data sets from organizations and the resulting consequences,” commented Assistant U.S. Attorney Steven DeBrota.

AIG reported this matter immediately to the FBI, and worked proactively and aggressively with the multi-agency task force to solve the burglary and prevent the disclosure of sensitive customer information, said SAC Welch. He went on to say, “The stakes are high when dealing with a threat of this nature, as significant damage to our citizens and our financial infrastructure can occur with a single keystroke.”

“When a company as large as AIG is vulnerable, we know that all businesses are threatened by cyber crime,” said Attorney General Steve Carter. “The world became a smaller place with the advent of the Internet and when individuals utilize the medium for criminal purposes, there are virtually no barriers on the amount of damage that can occur. It takes coordination and specialization to effectively investigate and successfully prosecute cyber-related crimes.”

The FBI Cyber Crime Task Force is a multi-agency investigative unit with members in the FBI Indianapolis Field Office, Merrillville Resident Agency, and Evansville Resident Agency. The mission of the task force is to protect Indiana’s citizens by investigating and preventing high technology crime and neutralizing national security threats involving computer networks. This is accomplished by leveraging the resources and expertise of participating law enforcement agencies, Indiana’s higher-education institutions, and members of the U.S. Intelligence Community.

Agencies participating in the task force include the Evansville Police Department, Federal Bureau of Investigation, the Indiana Attorney General’s office, Indiana Department of Natural Resources, Indiana State Police, Indianapolis Metropolitan Police Department, United States Secret Service, and the Vanderburgh County Sheriff’s Office. Purdue University’s Center for Education and Research in Information Assurance and Security (CERIAS) and Department of Computer and Information Technology’s Cyber Forensics Lab are special partners in the task force.

Category: Health Data

Post navigation

← Pinellas Audit Reveals Confidential Files That Missed Shredder
TX: Computer Back Up Tapes Containing Personal Information Stolen →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.