Danish credential reseller loses PC, is fined, gets suspended jail term; must pay lawyer fees

Sponsor ad - 728w x 90h (at 72 dpi)

From September 2021 to March 2022, the 30 year-old offender resold lists with about 500,000 usernames and password combinations for various online services. He had set up an online retail operation through which buyers could individually purchase the login information of legitimate and unsuspecting users.  He also sold access in the form of lists.

The offender sold access to services that included HBO Max, Paramount+, TV2 Play, Viaplay and Podimo.  He also sold log-in details via Discord.

Sponsor ad

“The convicted person used a data leak to obtain the login information of random customers at a number of online services… (and then) sold the information on both collectively and individually. This … allowed his buyers to abuse the accounts of real customers,” said NSK Deputy Director Brian Kaas Borgstrøm.

According to the Danish Rights Alliance, he received a 40-day prison sentence which was suspended, plus 60 hours of community service. In addition, an amount of DKK 1,733.70 (about US$250.00) and a PC were confiscated. The convicted person must also pay the costs of the case.

Further reading

Convicted of hacking and reselling users’ access information to streaming services. Press release. April 16, 2024. Danish Rights Alliance (RettighedsAlliancen)

Resale of leaked login information results in a prison sentence.  Press release. April 15, 2024. National Unit for Special Crime (NSK – National enhed for Særlig Kriminalitet), Denmark

Why it matters

The sale of stolen login credentials is a common piracy business model which occurs around the world.  Different jurisdictions apply different levels of penalty against pirates.  In this particular case, the penalties might be sufficient for this particular offender, but other jurisdictions might see them as much of a disincentive.  In some cases, fines run into the millions.

“The case is a reminder that data leaks can lead to misuse by customers. Therefore, it is a good idea if you as a user regularly change your password and do not use the same code across services,” said NSK’s Borgstrøm.

Print Friendly, PDF & Email
From our Sponsors