Former Navy IT Manager Sentenced to Prison for Hacking, Selling PII

A former US Navy IT manager was sentenced to five years and five months in prison for hacking into a database, stealing personally identifiable information (PII), and selling it on the dark web.

The man, Marquis Hooper, 32, of Selma, California, who was a chief petty officer, opened under false pretenses an account at a private company operating a database containing the PII of millions of individuals.

While the company only provides access to the database to businesses and government agencies that demonstrate a lawful need for PII, Hooper claimed that he needed the account to perform background checks on behalf of the Navy.

Hooper then added to the account his wife and co-defendant, Natasha Chalk, a reservist in the Navy, and together they stole the PII of more than 9,000, which they then sold on the dark web, for $160,000 in Bitcoin.

According to court documents, at least some of the buyers used the PII to perform crimes, such as creating fake driver’s licenses to withdraw money from the victim’s account.

Hooper opened the account in August 2018, but the company running the database closed it in December 2018, on suspected fraud.

To regain access to the database, Hooper instructed an unindicted co-conspirator to open a new account at the company, offering to pay $2,500 for each month the account was opened.

Advertisement. Scroll to continue reading.

The co-conspirator attempted to open the account using the same pretenses as Hooper, but the company required confirmation from a Navy officer.

According to court documents, Hooper provided the co-conspirator with a fake contract, a false driver’s license, and a forged letter allegedly from a Navy commanding officer, all created using the PII of an identity theft victim.

The fake documents, which allegedly identified a Navy officer, were submitted to the company, but it did not open the new database account, court records show.

Scheduled for sentencing on November 20, Natasha Chalk faces up to 20 years in prison and a fine of $250,000.

Related: Nigerian Man Sentenced to 8 Years in US Prison for $8 Million BEC Scheme

Related: British Twitter Hacker Sentenced to Prison in US

Related: Former Ubiquiti Employee Who Posed as Hacker Sentenced to Prison