Post by Admin on Jun 27, 2015 13:43:37 GMT
Prison Term Sought for Private Eye Who Hacked Email
by MATTHEW GOLDSTEIN JUNE 25, 2015
www.nytimes.com/2015/06/26/business/dealbook/prison-term-sought-for-private-eye-who-hacked-email.html?_r=0
In the end, the amount of money a New York private investigator made from people who paid him to illegally pilfer the emails of possibly dozens of people he was investigating was small — just $5,000.
But the privacy violation was so great that federal prosecutors are asking a judge on Friday to sentence the investigator, Eric Saldarriaga, 41, to serve as much as six months in prison to send a stern message about the wrongness of illegal hacking.
At least one of the people who had their email accounts hacked by Mr. Saldarriaga was a journalist who has written articles about the Church of Scientology and suspects that the investigator was hired to look into his work, according to a letter from the victim that prosecutors filed with the court on Thursday.
Prosecutors are seeking prison time for Mr. Saldarriaga, who lives in Queens, even though the court’s own probation department has recommended six months of home detention plus three years of supervised probation. The request for the stiffer sentence shows how seriously the authorities are taking the hacking of emails and social media accounts.
“Unlike defendants in a gun or drug case, who often act without reflection, there is reason to believe that individuals who engage in hacking and other forms of cybercrime can be deterred by a substantial threat of penalties,” said Daniel S. Noble, a prosecutor working for Preet Bharara, the United States attorney for Manhattan, in a pre-sentencing memorandum submitted this week.
Mr. Saldarriaga, who pleaded guilty on March 6 to one count of conspiracy to commit computer hacking, paid an unidentified overseas firm to secure the login credentials and passwords for the email accounts he wanted access to without permission. Mr. Saldarriaga’s use of a so-called hacker-for-hire firm surfaced during a broad investigation into the illicit activity conducted by federal authorities in Los Angeles several years ago.
When federal authorities in New York approached Mr. Saldarriaga in March 2014 about his activities, they found him to be cooperative and willing to acknowledge that he had taken money from clients to break into private email accounts, according to a court filing. But to date, no one else has been charged in the matter.
Law enforcement officials are increasingly concerned about hackers breaking into email accounts at law firms, large companies and investor-relations firms to gather information about business strategies and potential corporate deals.
In December, FireEye, a computer security consulting firm, released a report about a sophisticated hacking group it called Fin4 that was taking aim at corporate email accounts at large pharmaceutical companies and financial services firms to get information about potential merger negotiations.
Before the release of the report, FireEye officials gave a private briefing to Securities and Exchange Commission officials and others in law enforcement, alerting them that the information obtained by the hackers might be used by some to make potentially profitable trades, said a person briefed on that meeting but not authorized to speak publicly.
Soon after that briefing, the S.E.C. began an investigation. On Tuesday, Reuters reported that securities regulators had requested information from at least eight companies whose data had been breached, largely in response to FireEye’s report on Fin4.
In Mr. Saldarriaga’s case, it appears that the prosecutorial trail ends with him even though some of those who hired him appear to have been aware of what he was doing. Mr. Saldarriaga’s clients are known to have included lawyers, wealthy people and even other private investigators, some of whom referred cases to him because he had a reputation for gaining access to email accounts, said people briefed on the matter but not authorized to speak publicly about the investigation.
Tony Ortega, a former editor of The Village Voice who has written about Scientology and its practices for nearly two decades, was told in late May that he had been a victim of Mr. Saldarriaga’s email hacking. In a letter to prosecutors, Mr. Ortega said that he and other journalists who have written about Scientology have been targets of private investigators and that he believed Mr. Saldarriaga was hired by the church to gather information about him.
He said it would be a “miscarriage of justice” to sentence Mr. Saldarriaga “without pressing him” for information about who he was working for and who hired him.
Michael Rinder, a former spokesman for the Church of Scientology, also submitted a victim impact statement to prosecutors on Thursday.
Another victim, one of the roughly 50 people whose emails may have been reviewed by Mr. Saldarriaga, said he planned to address the judge at the sentencing.
That person, a man who lives in Southern California, requested permission to address Judge Richard J. Sullivan of Federal District Court in Manhattan through a videoconferencing system and planned to tell the judge that prosecutors should let the victims know who hired the investigator. The man, a professional gambler who said he anonymously contributes some of his winnings to charitable causes, says prosecutors have told him that he will not have to disclose his identity in court. He said he was concerned about information in his emails falling into the wrong hands.
“For this one guy, to be sentenced today for a crime he did for other people would be a miscarriage of justice,” the man said in an email statement on Thursday. “Clearly everyone that was involved in this crime, including the people that hired him or had any part in this, need to be prosecuted to the full extent of the law.
Under federal law, crime victims are entitled to submit a statement or address a judge before the sentencing.
Identifying the victims of hacking by Mr. Saldarriaga has not been easy. To locate some, prosecutors issued subpoenas to Google and other email providers, asking them to pass on the contact information for the people suspected of having had their emails rummaged through.
In his pre-sentencing memorandum, Peter Brill, a lawyer for Mr. Saldarriaga, asked Judge Sullivan to sentence his client to a three-year probationary sentence. Mr. Brill said that Mr. Saldarriaga was remorseful for his actions and knows that he did something wrong.
“He didn’t make a lot of money ever,” Mr. Brill said. “A lot of his email intrusions were for personal use, not for his business.”
Mr. Saldarriaga, in a letter to Judge Sullivan, said that while his actions were wrong, he was often motivated by a desire to do the right thing.
In one case, he said, he reviewed the emails of a woman whom a potential client had wanted investigated in order to see if the client was being truthful about claims he made about the woman. Mr. Saldarriaga said that in reviewing the woman’s emails, he learned that the man was not telling the truth and might have been stalking her.
He said he declined the assignment and sent an anonymous letter to the woman, warning her about the man’s intentions.
“Despite the illegality of my actions, I take solace in the fact that I may have protected a potential victim from serious harm,” Mr. Saldarriaga said in his letter to the judge.
Prosecutors said it was true that some of Mr. Saldarriaga’s email intrusions had nothing to do with his business as a private investigator and were motivated by his personal interests. But authorities said none of that diminishes the seriousness of the invasion of privacy.
“It goes without saying that email accounts oftentimes contain individual’s most personal communications, including correspondence about one’s personal relationships, finances, business affairs and medical information,” Mr. Noble, the prosecutor, said in the pre-sentencing memorandum. “Through his email hacking activities, the defendant repeatedly intruded into these intimate discussions.”
A version of this article appears in print on June 26, 2015, on page B1 of the New York edition with the headline: Prosecutors Urge Prison for Private Detective Who Hacked Email.
by MATTHEW GOLDSTEIN JUNE 25, 2015
www.nytimes.com/2015/06/26/business/dealbook/prison-term-sought-for-private-eye-who-hacked-email.html?_r=0
In the end, the amount of money a New York private investigator made from people who paid him to illegally pilfer the emails of possibly dozens of people he was investigating was small — just $5,000.
But the privacy violation was so great that federal prosecutors are asking a judge on Friday to sentence the investigator, Eric Saldarriaga, 41, to serve as much as six months in prison to send a stern message about the wrongness of illegal hacking.
At least one of the people who had their email accounts hacked by Mr. Saldarriaga was a journalist who has written articles about the Church of Scientology and suspects that the investigator was hired to look into his work, according to a letter from the victim that prosecutors filed with the court on Thursday.
Prosecutors are seeking prison time for Mr. Saldarriaga, who lives in Queens, even though the court’s own probation department has recommended six months of home detention plus three years of supervised probation. The request for the stiffer sentence shows how seriously the authorities are taking the hacking of emails and social media accounts.
“Unlike defendants in a gun or drug case, who often act without reflection, there is reason to believe that individuals who engage in hacking and other forms of cybercrime can be deterred by a substantial threat of penalties,” said Daniel S. Noble, a prosecutor working for Preet Bharara, the United States attorney for Manhattan, in a pre-sentencing memorandum submitted this week.
Mr. Saldarriaga, who pleaded guilty on March 6 to one count of conspiracy to commit computer hacking, paid an unidentified overseas firm to secure the login credentials and passwords for the email accounts he wanted access to without permission. Mr. Saldarriaga’s use of a so-called hacker-for-hire firm surfaced during a broad investigation into the illicit activity conducted by federal authorities in Los Angeles several years ago.
When federal authorities in New York approached Mr. Saldarriaga in March 2014 about his activities, they found him to be cooperative and willing to acknowledge that he had taken money from clients to break into private email accounts, according to a court filing. But to date, no one else has been charged in the matter.
Law enforcement officials are increasingly concerned about hackers breaking into email accounts at law firms, large companies and investor-relations firms to gather information about business strategies and potential corporate deals.
In December, FireEye, a computer security consulting firm, released a report about a sophisticated hacking group it called Fin4 that was taking aim at corporate email accounts at large pharmaceutical companies and financial services firms to get information about potential merger negotiations.
Before the release of the report, FireEye officials gave a private briefing to Securities and Exchange Commission officials and others in law enforcement, alerting them that the information obtained by the hackers might be used by some to make potentially profitable trades, said a person briefed on that meeting but not authorized to speak publicly.
Soon after that briefing, the S.E.C. began an investigation. On Tuesday, Reuters reported that securities regulators had requested information from at least eight companies whose data had been breached, largely in response to FireEye’s report on Fin4.
In Mr. Saldarriaga’s case, it appears that the prosecutorial trail ends with him even though some of those who hired him appear to have been aware of what he was doing. Mr. Saldarriaga’s clients are known to have included lawyers, wealthy people and even other private investigators, some of whom referred cases to him because he had a reputation for gaining access to email accounts, said people briefed on the matter but not authorized to speak publicly about the investigation.
Tony Ortega, a former editor of The Village Voice who has written about Scientology and its practices for nearly two decades, was told in late May that he had been a victim of Mr. Saldarriaga’s email hacking. In a letter to prosecutors, Mr. Ortega said that he and other journalists who have written about Scientology have been targets of private investigators and that he believed Mr. Saldarriaga was hired by the church to gather information about him.
He said it would be a “miscarriage of justice” to sentence Mr. Saldarriaga “without pressing him” for information about who he was working for and who hired him.
Michael Rinder, a former spokesman for the Church of Scientology, also submitted a victim impact statement to prosecutors on Thursday.
Another victim, one of the roughly 50 people whose emails may have been reviewed by Mr. Saldarriaga, said he planned to address the judge at the sentencing.
That person, a man who lives in Southern California, requested permission to address Judge Richard J. Sullivan of Federal District Court in Manhattan through a videoconferencing system and planned to tell the judge that prosecutors should let the victims know who hired the investigator. The man, a professional gambler who said he anonymously contributes some of his winnings to charitable causes, says prosecutors have told him that he will not have to disclose his identity in court. He said he was concerned about information in his emails falling into the wrong hands.
“For this one guy, to be sentenced today for a crime he did for other people would be a miscarriage of justice,” the man said in an email statement on Thursday. “Clearly everyone that was involved in this crime, including the people that hired him or had any part in this, need to be prosecuted to the full extent of the law.
Under federal law, crime victims are entitled to submit a statement or address a judge before the sentencing.
Identifying the victims of hacking by Mr. Saldarriaga has not been easy. To locate some, prosecutors issued subpoenas to Google and other email providers, asking them to pass on the contact information for the people suspected of having had their emails rummaged through.
In his pre-sentencing memorandum, Peter Brill, a lawyer for Mr. Saldarriaga, asked Judge Sullivan to sentence his client to a three-year probationary sentence. Mr. Brill said that Mr. Saldarriaga was remorseful for his actions and knows that he did something wrong.
“He didn’t make a lot of money ever,” Mr. Brill said. “A lot of his email intrusions were for personal use, not for his business.”
Mr. Saldarriaga, in a letter to Judge Sullivan, said that while his actions were wrong, he was often motivated by a desire to do the right thing.
In one case, he said, he reviewed the emails of a woman whom a potential client had wanted investigated in order to see if the client was being truthful about claims he made about the woman. Mr. Saldarriaga said that in reviewing the woman’s emails, he learned that the man was not telling the truth and might have been stalking her.
He said he declined the assignment and sent an anonymous letter to the woman, warning her about the man’s intentions.
“Despite the illegality of my actions, I take solace in the fact that I may have protected a potential victim from serious harm,” Mr. Saldarriaga said in his letter to the judge.
Prosecutors said it was true that some of Mr. Saldarriaga’s email intrusions had nothing to do with his business as a private investigator and were motivated by his personal interests. But authorities said none of that diminishes the seriousness of the invasion of privacy.
“It goes without saying that email accounts oftentimes contain individual’s most personal communications, including correspondence about one’s personal relationships, finances, business affairs and medical information,” Mr. Noble, the prosecutor, said in the pre-sentencing memorandum. “Through his email hacking activities, the defendant repeatedly intruded into these intimate discussions.”
A version of this article appears in print on June 26, 2015, on page B1 of the New York edition with the headline: Prosecutors Urge Prison for Private Detective Who Hacked Email.