Plus 200,000 PayPal users and Nokia's 8,000 staff list A UK man has been given a two-year jail sentence for a stunning 20-month hacking spree during which he stole the personal details of millions of Britons, including several thousand credit card numbers.There have been a number of high-profile hacking cases in recent years but the scale of the data theft executed by York-based Edward Pearson, 23, sets a new benchmark for the UK.According to the prosecution at last week’s trial at Southwark Crown Court, one of Pearson’s computers contained the names, dates of birth and address postcodes for a staggering 8,110,434 UK adults, the source of which was not revealed.If printed out double-sided, this database would have consumed 67,500 pages of A4 paper, police officers investigating the case reportedly said. Pearson was also said to have downloaded the details for 200,000 PayPal users, possibly from a crime forum, and hacked the internal network of phone giant Nokia, stealing details of 8,000 staff and causing a week’s disruption. Police also found 2,701 active credit cards numbers among the data.The data was taken between 1 January 2010 and 30 August 2011, some of it using the popular Zeus and SpyEye Trojans. A report in The Daily Mail newspaper referred to ‘Python’ as a third form of malware although this is in fact a reference to the scripting program Pearson would have used to automate the download of the PayPal data. The hacking campaign started to unravel after Pearson’s girlfriend, Cassandra Mennim, 21, used stolen credit card numbers to book rooms at the Cedar Court Grand and Lady Anne Middleton hotels in York. Police eventually linked Pearson’s online alias ‘G-Zero’ to his email address.Pearson was sentenced to two years and two months, jail time that would have been far worse had he made more use of the vast cache of stolen data taken by him. The sums actually defrauded by the pair were tiny by hacking standards at only APS2,351 ($3,700).“This is a young man who has very advance computer skills, but has put them to the wrong use, but he is not the criminal mastermind that everyone claims he is,” defence lawyer Andrew Bodnar was quoted as saying by The Daily Mail.In February, another York-based man was jailed for 8 months for hacking Facebook servers in 2011. Related content news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Advanced Persistent Threats Advanced Persistent Threats brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities feature Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report CISA’s recommendations for vendors, developers, and end-users promote a more secure software ecosystem. By Chris Hughes Sep 21, 2023 8 mins Zero Trust Threat and Vulnerability Management Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe