A Colombian man who used keylogging software in a lucrative identity theft scheme has been sentenced to nine years in prison and ordered to pay restitution of US$347,000.Mario Simbaqueba Bonilla, 40, pleaded guilty in U.S. federal court in January to conspiracy, access device fraud and aggravated identity theft. His scheme, which he carried out alone and with a co-conspirator between 2004 and 2007, had more than 600 victims worldwide, including employees of the U.S. Department of Defense, according to the Department of Justice.Bonilla installed keylogging software on hotel business-center computers and Internet lounges in order to steal passwords and other personal data. Then he and his partner used complex computer intrusion methods to steal money from accounts. After transferring the money to credit and debit cards or cash, Bonilla used it to buy electronics and pay for luxury travel to Hong Kong, France, Jamaica, the U.S. and other places, according to the Justice Department. The court pegged the actual and attempted losses from the scheme at $1.4 million.Bonilla was arrested by federal agents last August when he flew into the U.S. with a laptop, purchased with stolen funds, that contained personal and financial information on more than 600 people. In addition to the prison term and restitution, Bonilla was sentenced to three years of supervised release after his release. Related content news Amazon’s AWS Control Tower aims to help secure your data’s borders As digital compliance tasks and data sovereignty rules get ever more complicated, Amazon wants automation to help. By Jon Gold Nov 28, 2023 3 mins Regulation Regulation Government news North Korean hackers mix code from proven malware campaigns to avoid detection Threat actors are combining RustBucket loader with KandyKorn payload to effect an evasive and persistent RAT attack. By Shweta Sharma Nov 28, 2023 3 mins Malware feature How a digital design firm navigated its SOC 2 audit L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits. By Alex Levin Nov 28, 2023 11 mins Certifications Compliance news GE investigates alleged data breach into confidential projects: Report General Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker. By Shweta Sharma Nov 27, 2023 3 mins Data Breach Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe