September 25, 2016
A Romanian hacker received a ten-year prison sentence last week after he previously pleaded guilty to hacking several US companies and stealing data from their networks.
The hacker’s name is Mircea-Ilie Ispasoiu, 31, of Drobeta-Turnu Severin, Romania, and he was arrested on November 13, 2014, in Romania. At the time of his arrest, Ispasoiu worked as a computer systems administrator at a large financial institution in Romania.
On January 26, 2015, the Bucharest Court of Appeal granted his extradition to the US. Ispasoiu arrived in New Jersey on March 20, 2015, and three days later appeared in the Newark federal court, where he was arraigned. He pleaded guilty a year later, on March 2, 2016.
Ispasiou hacked several companies from August 2011 through February 2014. He acknowledged using malware (a remote access trojan – RAT) to infect the computer systems of several US companies.
Among his victims, the Department of Justice named a restaurant in Montclair, New Jersey; a car dealership in North Brundswick, New Jersey; a medical office in Phoenix, Arizona; and a large security firm operating across the US.
US officials say he used the RAT to collect login credentials for sensitive systems. Ispasoiu then used these logins to access the victims’ networks and steal information such as personally identifiable information (PII) and payment card data.
Ispasoiu’s most famous hack is that in which he breached a security company that ran background checks for job applicants across the US. From their systems, the hacker stole the applicants’ personal identifying information, such as names, addresses, social security numbers and fingerprints.