• United States



by John E Dunn

Hacker jailed for stealing identities of 8 million UK citizens

Apr 04, 20122 mins
Consumer ElectronicsData and Information SecuritySecurity

Plus 200,000 PayPal users and Nokia's 8,000 staff list

A UK man has been given a two-year jail sentence for a stunning 20-month hacking spree during which he stole the personal details of millions of Britons, including several thousand credit card numbers.

There have been a number of high-profile hacking cases in recent years but the scale of the data theft executed by York-based Edward Pearson, 23, sets a new benchmark for the UK.

According to the prosecution at last week’s trial at Southwark Crown Court, one of Pearson’s computers contained the names, dates of birth and address postcodes for a staggering 8,110,434 UK adults, the source of which was not revealed.

If printed out double-sided, this database would have consumed 67,500 pages of A4 paper, police officers investigating the case reportedly said.

Pearson was also said to have downloaded the details for 200,000 PayPal users, possibly from a crime forum, and hacked the internal network of phone giant Nokia, stealing details of 8,000 staff and causing a week’s disruption. Police also found 2,701 active credit cards numbers among the data.

The data was taken between 1 January 2010 and 30 August 2011, some of it using the popular Zeus and SpyEye Trojans. A report in The Daily Mail newspaper referred to ‘Python’ as a third form of malware although this is in fact a reference to the scripting program Pearson would have used to automate the download of the PayPal data.

The hacking campaign started to unravel after Pearson’s girlfriend, Cassandra Mennim, 21, used stolen credit card numbers to book rooms at the Cedar Court Grand and Lady Anne Middleton hotels in York. Police eventually linked Pearson’s online alias ‘G-Zero’ to his email address.

Pearson was sentenced to two years and two months, jail time that would have been far worse had he made more use of the vast cache of stolen data taken by him. The sums actually defrauded by the pair were tiny by hacking standards at only APS2,351 ($3,700).

“This is a young man who has very advance computer skills, but has put them to the wrong use, but he is not the criminal mastermind that everyone claims he is,” defence lawyer Andrew Bodnar was quoted as saying by The Daily Mail.

In February, another York-based man was jailed for 8 months for hacking Facebook servers in 2011.