NEWS

Welsh Credit Card Hacker Avoids Jail Sentence

Print Version
E-Mail Article
Reprints

By Michael Mahoney
E-Commerce Times
07/06/01 9:57 PM PT

The Welsh teenager maintained from the beginning that his motivation for the hacks was to prove how insecure e-commerce sites are.


If you're ready to take your Java skills to the next level, we're ready for you! The Online Business Unit at Sears Holdings Corporation is hiring for Developers, Architects, Business Analysts, Project Managers, and Delivery Managers. Apply online.

The self-proclaimed "Saint of E-Commerce," a 19-year-old Welsh teenage hacker Latest News about hacker named Raphael Gray, was sentenced Friday in a Wales court to three years of psychiatric and community service rehabilitation for posting the hacked credit card details of thousands of people to the Web, according to reports in the London Register.

Gray, who also went by the hacker name "Curador," pled guilty in March to two charges of obtaining services Rackspace now offers green hosting solutions at the same cost without sacrificing performance. Make the eco-friendly choice. by deception and six charges of intentionally accessing sites containing credit card details. The offenses fell under the UK's Computer Misuse Act of 1990.

According to the U.S. Federal Bureau of Investigation (FBI), Gray stole more than 23,000 credit card numbers from multiple e-commerce sites worldwide, with losses in fraudulent charges estimated to be above US$3 million.

It took the FBI and Welsh authorities over a month to track down and raid the premises of "the Saint," who operated out of his parents' home in a small Welsh town.

Motive and Means

Gray has maintained from the beginning that his motivation for the hacks was to prove how insecure e-commerce Ready to be amazed? Click here to experience the eCommerce platform of the future. Free Demo. sites are.

"Maybe one day people will set up their sites properly before they start trading because otherwise this won't be the last page I post to the Net," Gray said on his Web site. "If your site is broken into, you should spend more time asking why and not who."

At the Gates

Gray also claimed to have stolen the credit card details of Bill Gates, which several other news sources stated he posted to his Web sites and used to send a shipment of Viagra to the Microsoft (Nasdaq: MSFT) Latest News about Microsoft chief. However, the London Register said the alleged Gates details were obviously phony.

Visits to a mirror version of Gray's site on Attrition.org revealed that the Gates' data was probably not accurate. The site states: "The number does not look valid but orders had been taken on this card at the site I got it from so judge for yourself."

Gray's efforts to expose e-commerce security flaws also reportedly led to the closure of several of the sites he hacked.

Defense Not Heard

According to the Register, Gray's defense prior to pleading guilty was that because there was no way he could establish that his access to the credit card numbers was authorized, it could not be proven to be unauthorized -- which would mean that no hacking had actually taken place.

However, these arguments, which could potentially have led to a significant line of defense for hackers, were never tested in court due to Gray's eventual guilty plea.

The defense said that a head injury suffered by Gray four years ago, as well as chronic low self-esteem, were among the reasons behind his actions.

Published sources said that Gray appeared not to regret what he had done.

"I would do it all again but another time I would choose to ensure that I acted legally," he told the UK's Press Association news agency.

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Michael Mahoney   RSS

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]