Thornhiller charged in data breach

FBI  and Dutch police helped RCMP  locate the suspect

A Thornhill resident has been charged and has appeared in court, in connection with the sale of a large number of personal online identities and passwords, as part of a criminal investigation led by Royal Canadian Mounted Police’s (RCMP) National Division Cybercrime Investigative Team, with help from the Dutch National Police Corps and the U.S. Federal Bureau of Investigation (FBI).

Staff Sgt. Maurizio Rosa, from the RCMP, confirmed that the male suspect was arrested on Dec. 22 after the Dutch National Police alerted the RCMP that servers in Canada were being used to host approximately three billion pieces of compromised identity and account information, of which 1.5 billion contained usernames and passwords.

According to Rosa, the suspect had purchased or illicitly obtained personal account information from the dark web and sold access to the information through a restricted access website, LeakedSource.com.

“This information was used by hackers in basically identifying usernames and passwords that had been compromised and potentially using them to then access accounts elsewhere having the same passwords, the same usernames and making criminal use of these accounts,” he said, adding that people generally have a tendency toward reusing their passwords across different sites, including social media, email and financial services.

Their investigation turned up one Canadian suspect. Rosa confirmed the Dutch National Police and the FBI are also carrying on their own investigations.

“To my awareness, we’re the only ones who have charged a suspect at this time,” said Rosa.

The suspect appeared in court on Jan. 15 and has another court date set in February.

Article exclusive to TRNTO