An American man who posted the information on thousands of Bell Canada customers online has been sentenced to almost four years in U.S. federal prison.
The 22-year old Tennessee man hacked login and passwords combination for thousands of Bell Canada customers after discovering a vulnerability within the carrier’s subscriber network, reports the Ottawa Citizen.
The man’s sentence was handed down in Chicago, Illinois. The man’s 15-year old Canadian counterpart avoided incarceration despite having helped to facilitate the cyber attack against several other U.S.-based businesses, universities and government agencies between October 2012 and October 2015.
Neither name can be mentioned due to a publication ban on the Canadian teen’s case. Millions of files were reportedly extracted from Bell Canada’s network, over 300 thousand of which contained client information. The American-based hacker tweeted approximately 12,700 of those logins and their associated passwords.
The RCMP learned of an FBI investigation into the hack in February 2014, at which point the two suspects had already been identified. The attacks, including the Bell Canada hack, were carried out on an undercover FBI server that NullCrew, a hacktivist group the two suspects were a part of, had been given access to.
After the teen reportedly pleaded guilty to the unlawful use of a computer, they were given a conditional discharge, 100 hours of community service and were ordered to stay off internet cloud devices and stop hacking. The teen was sentenced under Canada’s Youth Criminal Justice Act.
The U.S. Attorney’s office said that the attacks caused over $792 thousand in monetary losses for the victim companies.