Former US Navy IT Manager Faces Prison Sentence for Selling Personal Records on the Dark Web
Marquis Hooper Exploited 9,000 People's Data
A former IT manager for the US Navy has been sentenced to five-and-a-half years in prison for selling thousands of people's personal records on the dark web. Marquis Hooper, a former chief petty officer, accessed a database containing millions of records and sold details of over 9,000 individuals over a period of five months.
Prosecutors revealed that Hooper and his wife, Natasha Chalk, who is also a co-defendant in the case and a former Navy reservist, generated around $160,000 worth of Bitcoin from the illegal transactions. The data they sold online was then used by criminals for various fraudulent activities. In one instance, the purchased data was used to create a fake driver's license, which was subsequently used in an attempt to withdraw money from a bank.
Despite facing a maximum sentence of 20 years in prison and a $250,000 fine, Hooper's actual sentence was considerably less severe. Prosecutors acknowledged Hooper's lack of criminal history and his willingness to accept responsibility, but argued that due to his military status, he should still be punished harshly.
The details of the crime were revealed in court records. In August 2018, Hooper opened an account with an unnamed company that operates a database. He falsely claimed that he needed access to the personally identifiable information (PII) in the database for conducting background checks for the Navy. However, the company restricts access to its database to authorized businesses and government agencies.
In December of the same year, the company detected fraudulent activity and closed Hooper's account. Undeterred, Hooper and Chalk attempted to gain access to the database again by asking an unnamed co-conspirator to open another account on their behalf. They used the same method to steal personal records and sell them on the dark web.
The case highlights the severity of insider threats and the potential risks posed by individuals who have access to sensitive data. It also underscores the need for organizations to implement robust security measures and ensure strict access controls to protect sensitive information from unauthorized access and misuse.
As the digital landscape continues to evolve, it is crucial for businesses and government agencies to stay vigilant and proactive in safeguarding personal data. Instances like these serve as a reminder that cybersecurity should be a top priority, and organizations must invest in training, technology, and policies to prevent data breaches and protect the privacy of individuals.