A federal judge sentenced David Kent to a year and a day in prison and ordered him to pay $3.3 million in restitution and pay a $20,000 fine for accessing the computer network of Rigzone.com, an industry-specific networking website. Kent founded Rigzone.com, sold it for $51 million, and after the sale accessed the company’s network to obtain information to use for launching a competitor to Rigzone.com. The Complaint describes how Kent was able to do this by exploiting a source code vulnerability that he knew of from the original creation of the website. This is a big no-no. Under the Computer Fraud and Abuse Act, this type of unauthorized access is considered hacking just as if the Russians did it with super-secret James Bond-like gadgets and gizmos.
USA v. Kent, 1:16-cr-00385, U.S. District Court for the Southern District of New York
Reblogged this on Harm & Whistleblowing.