6 Mar 2015

Why hacking is not a victimless computer crime

Hacking often seems a victimless offence. When the National Crime Agency announces it’s arrested 57 alleged computer hackers, it’s easy to believe that the crimes they’re accused of didn’t really “harm” anyone.

Not true. One of the incidents being investigated by the NCA is the hacking of a Yahoo! service back in 2012. More than 400,000 email addresses and passwords were leaked online by the D33Ds gang, and remain there to this day (and there’s a limited amount Yahoo! can do about that).

I contacted many of those affected: some replied to say they’d suffered no ill effects, but other responses show that such hacking incidents can cause distress, frustration and, in some cases, tangible loss.

“I’ve had numerous problems since my email address was released. I get a ton of spam. Even more troubling, though, is that people are actively using my email address as though it were their own. One woman used my email address as her kids’ contact information for their school.”


“Someone signed in at Walmart.com and immediately changed the email address and password. Walmart notified me that it happened but would not help me get my account back. My financial information was in that account so I had to contact the bank for a new debit card.

“I receive tons of phishing and spam emails. I get hundreds of those messages each day.”

“I did experience several cases of my other online accounts being accessed as a result of this incident. I had to change every account username and password.”

Some were comforted by the fact that an arrest had been made in connection with the hack. Others doubted whether it would really change anything.

The hackers, of course, aren’t interested in the people behind the personal data they gain. But if their inbox contained the kind of messages I’ve received today, they’d be quick to realise computer crime is far from victimless.

Follow @geoffwhite247 on Twitter