Tuesday, December 20, 2016

Oilpro.Com Founder Pleads Guilty In Manhattan Federal Court To Hacking Into Competitor’s Computer System


Defendant Stole Information From Over 700,000 Customer Accounts Stored on a Competitor’s Database and Then Sought to Sell Oilpro.com to the Company He Had Hacked

  Preet Bharara, the United States Attorney for the Southern District of New York, and William F. Sweeney Jr., Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that DAVID W. KENT, the founder of professional networking website Oilpro.com (“Oilpro”), pled guilty this morning before U.S. District Judge Denise L. Cote in Manhattan federal court to a superseding Information, which charged him with one count of intentionally accessing a protected computer without authorization.  The charge stemmed from KENT’s role in repeatedly hacking into a competitor’s database to steal customer information and attempting to sell Oilpro to the same company whose database KENT had hacked.
Manhattan U.S. Attorney Preet Bharara said:  “David Kent has admitted to his role in hacking into a competitor’s network and stealing client data in order to boost the value of Oilpro, a company he founded.  Kent then attempted to sell Oilpro to the very company he hacked.  Using cyber hacking to gain advantage over a competitor is not only an unfair business practice, but is a federal crime for which Kent has now pled guilty.”           
FBI Assistant Director William F. Sweeney said:  "Today, David Kent pled guilty to intentionally accessing a protected computer without authorization. This is a stern reminder to others that unauthorized access to a computer is a federal crime with severe penalties; even just a quick look at the data on the computer can lead to a prison sentence and that never leads to a leg up in business.”
According to the superseding Information, the previously filed Complaint, and statements made at public court proceedings:
In or about March 2000, KENT founded a website (“Website-1”) that provides, among other things, networking services to professionals working in the oil and gas industry.  Website-1 allows its members to create profiles, which includes personal and professional information.  As part of their profiles, members can also upload their resumes.  The profiles are contained in a database maintained by Website-1 (the “Members Database”).  Members are assigned login credentials (i.e., usernames and passwords) when they create their profiles.  Members use these login credentials to access their profiles.
In or around August 2010, KENT sold Website-1 for approximately $51 million to a publicly traded company headquartered in New York, NY (“Company-1”).  KENT entered into an employment agreement with Company-1 and agreed to continue to serve as the president of Website-1 after the acquisition.  However, KENT left Website-1 in September 2011 and launched Oilpro in October 2013.  Like Website-1, Oilpro provides networking services to professionals working in the oil and gas industry.  Oilpro is headquartered in Houston, Texas.
Between October 2013 and February 2016, KENT conspired to access information belonging to Website-1 without authorization and to defraud Company-1.  KENT accessed the Website-1 Members Database without authorization and stole customer information, including information from over 700,000 customer accounts.  KENT then exploited this information by inviting Website-1’s members to join Oilpro.  Similarly, one of Kent’s employees at Oilpro who previously worked for Website-1 (“CC-1”) accessed information in Website-1’s Google Analytics account without authorization and forwarded the information to KENT.  In the meantime, KENT attempted to defraud Company-1 by misrepresenting during discussions about a potential acquisition of Oilpro by Company-1 that Oilpro had increased its membership through standard marketing methods.          
KENT, 41, of Spring, Texas, was arrested on March 30, 2016.  KENT pled guilty today to one count of intentionally accessing a protected computer without authorization, which carries a maximum penalty of five years in prison.
The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.
KENT is scheduled to be sentenced by Judge Cote on March 17, 2017, at 2:00 p.m.
Mr. Bharara praised the investigative work of the Federal Bureau of Investigation.  Mr. Bharara also thanked the Office of International Affairs and the United Kingdom’s National Cyber Crime Unit (NCCU), and noted that the investigation is continuing.

No comments:

Post a Comment