Bloomberg Anywhere Login

Bloomberg

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.

Company

Financial Products

Enterprise Products

Media

Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000

Communications

Industry Products

Media Services

Follow Us

U.K. Hacker Is Charged With Theft of Data From U.S. Army

U.K. hacker Lauri Love stole identifying information of workers at National Aeronautics and Space Administration, the Missile Defense Agency and the Army Network Enterprise Technology Command. Photographer: Andrew Harrer/Bloomberg
U.K. hacker Lauri Love stole identifying information of workers at National Aeronautics and Space Administration, the Missile Defense Agency and the Army Network Enterprise Technology Command. Photographer: Andrew Harrer/Bloomberg

Oct. 28 (Bloomberg) -- A U.K. hacker stole “massive amounts” of confidential data from the U.S. Army and the U.S. Missile Defense Agency, including service members’ personal information, the U.S. said.

Lauri Love, 28, and others also breached computer systems at the Environmental Protection Agency and the National Aeronautics and Space Administration, according to Paul Fishman, the U.S. attorney in New Jersey. Love was arrested Oct. 25 at home in Stradishall, England, said Fishman today.

“They stole military data and personal identifying information belonging to servicemen and women,” Fishman said in a statement. “Such conduct endangers the security of our country and is an affront to those who serve.”

Love stole identifying information of workers at NASA, the Missile Defense Agency and the Army Network Enterprise Technology Command, according an indictment unsealed today in federal court in Newark, New Jersey. Criminal complaints also were unsealed in Newark and Alexandria, Virginia.

The hackers also stole data on the demolition and disposal of military facilities, natural-resource management, defense program budgeting data and nonpublic competitive acquisition bid data, according to Fishman.

Love also hacked into computers at the U.S. Department of Health and Human Services, Energy Department, Sentencing Commission and Regional Computer Forensics Laboratory, according to a complaint unsealed in Alexandria. He stole personal information about employees of the computer forensics laboratory and the Federal Bureau of Investigation, according to an arrest complaint filed by the FBI.

Five Years

Love’s arrest came in connection with an investigation by the U.K.’s National Crime Agency, according to Fishman. He faces as long as five years in prison on the New Jersey charges.

The hacking “substantially impaired the functioning of dozens of computer servers” and caused millions of dollars in damage to government agencies, according to the indictment.

Love conspired with two people in Australia and a resident of Sweden from October 2012 to this month, prosecutors said.

“Computer intrusions present significant risks to national security and our military operations,” Daniel Andrews, director of the U.S. Army Criminal Investigation Command’s computer crime investigative unit, said in a statement.

In some attacks, the hackers found weaknesses in Structured Query Language, a type of programming language, the U.S. said. In others, they attacked a Web application platform known as Coldfusion. They placed malicious code that let them maintain access through a so-called back door or shell, according to the indictment.

Chat Rooms

They communicated using secure Internet chat rooms, where they frequently changed online monikers, prosecutors said.

On Dec. 25, Love began a monthlong hack of computers at the Sentencing Commission, according to an FBI complaint. The commission sets sentencing policies for federal courts, including guidelines for various federal crimes.

Love and his conspirators “altered the website to display a video that criticized the guidelines with respect to Internet-related crimes,” according to the FBI complaint. As a result, the site was unavailable for three weeks.

Love left several clues about his hacks, according to the FBI. In October 2012, he originated a hack from an Internet domain he owned, according to subscriber and financial records cited by the FBI. Love paid for the domain with a PayPal Inc. account registered to lauri.love@gmail.com, the FBI said.

The PayPal payment originated from an Internet Protocol address associated with his U.K. address, the FBI complaint said.

The indictment is U.S. v. Love, U.S. District Court, District of New Jersey (Newark). The FBI complaint is U.S. v. Love, 13-mj-00657, U.S. District Court, Eastern District of Virginia (Alexandria).

To contact the reporter on this story: David Voreacos in federal court in Newark, New Jersey, at dvoreacos@bloomberg.net

To contact the editor responsible for this story: Michael Hytha at mhytha@bloomberg.net

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.