A Michigan resident has just pleaded guilty to court charges of breaching the employee database belonging to the University of Pittsburg Medical Center (UPMC).
The 2014 hacking event was reported to have led to the theft of personal information of 65,000 people, which ended up being published on the dark web for sale.
Following the latest court development, the 30-year-old defendant Justin Sean Johnson will be set up for sentencing by the U.S. District Chief Judge Mark Hornak within four months. The accused is currently being held at the Butler County Prison where he was allowed to appear for the latest hearing via video.
At this point, it is believed that Johnson is facing a possible prison sentence of a maximum of seven years behind bars – the relatively lesser sentence is pegged on the fact that he pleaded guilty to only two of the forty three counts that had been levelled against him.
The defendant pleaded guilty to one count of a conspiracy and another of aggravated identity theft, even though he admitted to all accusations of conduct that were attached to an indictment memorandum drawn by the U.S. District Court of for the Western District of Pennsylvania.
Hacking UPMC and Selling Data Online
The specific charges that were raised by prosecutors against the defendant were anchored on the accusation that the suspect stole the names, Social Security numbers, residential addresses and employment data of UPMC workers.
By using the online moniker “The Dearth Star” and later “Dearthy Star”, Johnson then went on to sell the stolen UPMC employee’s personally identifiable information (PII) to dark web buyers across various countries. The purchased data was then used by the handlers to commit countless scamming and identity theft campaigns.
The court claimed that the defendant’s criminal actions left more than 65,000 people open to years of potential financial fraud. Typically, stolen data is usually purchased off the dark web and used by cyber criminals to orchestrate phishing campaigns against unsuspecting victims.
Then, according to the prosecution, the Internal Revenue Service (IRS) received a host of false 2013 tax returns asking for refunds.
A 2020 press release by the U.S. Department of Justice (DOJ) intimated that the false tax filings were used by the defendant to claim hundreds of thousands of dollars in refunds, which were turned into Amazon.com gift cards – the gift cards were used to buy Amazon items that were sent to Venezuela.
Further Investigations Yield More Stolen Data
Apart from the UPMC data that was stolen in the data breach, investigators reported that they came across the personal information belonging to an additional 89,310 persons stored in hardware that was confiscated during Johnson’s arrest in 2020.
According to the authorities, the massive cache of data was said to belong to a host of medical centers and educational institutions across America. Among the institutions that were featured in the stolen data included Butler University and Daytona State College.
In addition, according to U.S. law enforcement, the entire course of the criminal probe yielded a host of communication chats in which the defendant is reported to have provided tax advice, and spoken about his extensive experience with the PeopleSoft software used by UPMC.
Specific evidence recovered from Johnson’s computer showed that the defendant had made more than 1,000 Google searches of the term “PeopleSoft”. It is believed that this keen interest and experience with the software is what became the defendant’s breakthrough against the UPMC system.
Further, according to the authorities, the defendant had also made Google searches about information relating to any criminal charges that had been filed against him. The charges included accusations found on federal court databases and national criminal warrants.