A former software engineer with Yahoo has pled guilty to hacking into approximately 6,000 user accounts, including those of his friends and colleagues, in order to search for explicit or sexual material.
Reyes Daniel Ruiz, 34, has been accused of hacking into thousands of Yahoo accounts through his work at the company in an attempt to find sexual images and videos from the account holders.
These were accounts primarily belonging to younger women, according to the US Attorney's Office for the Northern District of California.
Ruiz made copies of images and videos he found without permission, and stored the data at his home. He also admitted to taking this a step further and compromising the iCloud, Facebook, Gmail, Dropbox and other online accounts of the victims in order to search for more explicit photos and videos.
"In pleading guilty, Ruiz, a former Yahoo software engineer, admitted to using his access through his work at the company to hack into about 6,000 Yahoo accounts," the US Attorney's Office said.
"Ruiz cracked user passwords, and accessed internal Yahoo systems to compromise the Yahoo accounts.
"After his employer observed the suspicious account activity, Ruiz admitted to destroying the computer and hard drive on which he stored the images."
Ruiz was indicted on 4 April and charged with one count of Computer Intrusion, and one count of Interception of a Wire Communication, pleading guilty to the latter. The maximum penalty for each count is five years in prison and a fine of $250,000.
Although these laws apply in the US only, one piece of legislation that serves as the equivalent in the UK is the Computer Misuse Act 1990, which is designed to prevent information theft from computer systems.
Research from 2016 found that more than a third of employees were routinely violating this law, although not to the extent of Ruiz's offences.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Computer Misuse Act 'putting critical UK infrastructure at risk'News The 30 year-old legislation also prevents cyber security professionals from doing their jobs, it's claimed
-
237 police officers disciplined over computer misuseNews FOI request reveals UK forces failing basic IT best practices
-
Almost 100 HMRC staff disciplined over computer misuse, FOI revealsNews Staff dismissed over misuse of emails, computer equipment and social media
-
Six-month sentence handed for data abuse in landmark ICO prosecutionNews Data regulator hints seeking tougher punishment was an effort to change behaviour in how personal data is held and processed
-
NCSC unveils new cyber attack classification systemNews The framework categorises everything from individual hacks up to national cyber emergencies
-
British 'hacker' Lauri Love wins High Court appeal against US extraditionNews Love is now expected to stand trial in the UK on charges of US hacking
-
36% of ex-employees are breaking the computer misuse actNews Companies are failing to revoke access when IT workers leave
