Insider tries to scam Dice after hacking company he sold to Dice

David Kent sold his social network Rigzone to Dice, created a competing company, hacked the first company to build up the new company, then tried to sell the new company to Dice.

Insider tries to scam Dice after hacking company he sold to Dice
Kasper Pempel/Reuters

David W. Kent thought he could get away with hacking into a company he sold to DHI Group Inc. (Dice), build up the competing company he created, then sell the new company to Dice again. No dice.

Instead, Kent faces a year and a day in federal prison for repeatedly hacking into a computer database to which he was not authorized. The 366-day sentence was imposed by U.S. District Judge Denise L. Cote, who commented, “This was a betrayal of trust, a breach of loyalty, and a level of deceit and dishonesty that was very sad and disappointing.”

According to the Department of Justice (DOJ), Acting Manhattan U.S. Attorney Joon H. Kim said: “David Kent admitted to hacking into a competitor’s computer network and stealing client data to boost the value of Oilpro, a company he founded. Kent then attempted to sell Oilpro — a company he grew using the stolen information — to the very company he had hacked. For his criminal attempts to gain an unfair business edge, Kent has now been sentenced to prison.”          

Kent’s back story: Rigzone and Oilpro

In March 2000, Kent founded a social network portal specific to the oil and gas industry, Rigzone. The concept was like that of LinkedIn, where members created profiles and uploaded their resumes to a database. Employers would post jobs and review resumes to find new hires. Rigzone made its money by charging fees to companies and via advertising.

Dice bought Rigzone in August 2010. It paid $39 million in cash and an additional $16 million upon achievement of milestones during the following 10 months.

In 2010, Rigzone had 270,000 resumes and was visited by over 500,000 unique visitors a month.

Kent’s continued engagement was part of the deal. He left Rigzone in September 2011, and in October 2013, when his two-year non-compete agreement expired, he founded Oilpro, which would directly compete with Rigzone.

Hacker breadcrumbs leading to Kent's arrest

As the creator of Rigzone, and as a trusted insider, Kent had intimate knowledge on how the industry portal operated. Such was this knowledge, the DOJ tells us in the criminal complaint, that he was able to siphon off the resumes and contact information of the Rigzone membership. It wasn't long until one of the members complained to Rigzone about the unsolicited inquiry they received from Oilpro, which was based on the information contained in the individual’s Rigzone profile. The first Oilpro breadcrumb.

Rigzone investigated. They found zero queries on the individual’s profile. They weren’t able to sort out how the information was accessed, so they salted the database. 

Taking a page from the mailing list rentals of old, in April 2014, Rigzone put two fictitious entries into the corpus. These two fictitious entries shortly thereafter received a solicitation from the “new” portal, Oilpro. A review of the logs showed no inquiries had been made of the fictitious individual’s accounts. Access was occurring in another manner. The second Oilpro breadcrumb.

Rigzone dug deeper. They discovered that between October 2013 and April 2014, they had 100,000 requests made to the Rigzone members database. The request contained the “get resume” command. Oilpro obtained 96,000 resumes via this methodology. The criminal complaint notes that Oilpro’s membership increased dramatically.

Then, between June 2015 and August 2015, Olipro took a second pass at Rigzone. In this instance, they exploited a file called “resume_writer.asp” using the unique command structure to avail to themselves to approximately 700,000 resumes.

Oilpro also accessed the Rigzone Google Analytics account and was able to determine the exact number of visitors and their activity within the portal.

Perhaps Kent wasn’t the brightest bulb in the chandelier. He used 33 different IP addresses to attack Rigzone, which included a number of IP addresses registered to Single Integrated Operations Portal Inc. (SIOPCO), a Houston-based company co-founded by Kent in April 2012. The third and final Oilpro breadcrumb.

Kent’s greed factor

Shortly after purloining the first batch of resumes, Kent reached out to the CEO of Dice to discuss possible acquisition, according to the criminal complaint. Then in October 2015, he engaged the CEO again, specifically asking Dice to purchase Oilpro for $20 million. Unbeknownst to Kent, the breadcrumbs were sufficient evidence to Dice that they had identified Oilpro and they brought the FBI into the mix. Kent was arrested in March 2016. 

The $51 million purchase of Rigzone by Dice, of which Kent is believed to have received 70 percent, was apparently insufficient. Kent's greed took over and he tried to sell to Dice that which he stole from Dice.

Oilpro shut down permanently on July 31, 2017, and went offline on Aug. 2, 2017.

Dice’s day in court is coming

DHI Group (Dice) brought suit against Kent, Estevan Dufrin, Bryan Robins, Matthew Kent, Jeremy Antonini, and Oilpro in June 2016. In July 2017, according to federal court documents, this civil suit was ordered “Stayed” until Kent was sentenced.

Prior to the stay, Kent had agreed during mediation to pay $2.9 million in restitution, contingent upon DHI assisting Kent in his criminal case, court transcripts tell us. However, DHI wasn’t going to assist the gent who tried to scam them.

Based on a review of the July 7, 2017, status conference, Kent’s attorneys will attempt to bring the amount of restitution/damages down from the agreed $2.9 million to $120,000. Judge Nancy K. Johnson of the U.S. District Court for the Southern District of Texas, noted wryly to Kent’s attorney, “Judges don’t like to take back the orders that they sign, so good luck with that.”

On Sept. 28, 2017, DHI’s request to lift the stay occurred, and the court has ordered a status conference to occur on Oct. 16, 2017.

----------------

Disclosure: Christopher Burgess is a regular contributor to DHI’s Clearancejobs blog.

NEW! Download the Winter 2018 issue of Security Smart