US man pleads guilty to wireless hack

A Michigan man pleaded guilty to four counts of wire fraud and unauthorised access to a computer after he and two accomplices...

A Michigan man pleaded guilty to four counts of wire fraud and unauthorised access to a computer after he and two accomplices used a vulnerable wireless network at a DIY store in an attempt to steal credit card numbers from the company's main computer systems.

Brian Salcedo could face up to 18 years in prison for the offences which, the government claimed, could have caused more than $2.5m (£1.4m) in damages.

The case stems from a series of hacks in October and November 2003 in which Salcedo's two accomplices, Adam Botbyl and Paul Timmins, discovered a loosely protected wireless local area network connection at a Lowe's store in Michigan while scanning for open connections.

The trio subsequently used the open access point to compromise the entire corporate network of the company, hacking into stores in California, Kansas, South Dakota and other states in the weeks that followed.

The three also attempted to install a modified version of a credit processing program called "tcpcredit" which skimmed credit account information for every transaction processed at a particular Lowe's store. 

In November, a grand jury indicted the three on 16 counts of wire fraud and unauthorised intrusion. In May, both Salcedo and Botbyl reached plea agreements and Botbyl agreed to plead guilty to one count of conspiracy to gain unauthorised access to a nationwide computer network.

The third and final member of the group, Paul Timmins, is scheduled to appear in court on 28 June.

Paul Roberts writes for IDG News Service

Read more on IT legislation and regulation

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...