6 Mar 2015

Why hacking is not a victimless computer crime

Hacking often seems a victimless offence. When the National Crime Agency announces it’s arrested 57 alleged computer hackers, it’s easy to believe that the crimes they’re accused of didn’t really “harm” anyone.

Not true. One of the incidents being investigated by the NCA is the hacking of a Yahoo! service back in 2012. More than 400,000 email addresses and passwords were leaked online by the D33Ds gang, and remain there to this day (and there’s a limited amount Yahoo! can do about that).

I contacted many of those affected: some replied to say they’d suffered no ill effects, but other responses show that such hacking incidents can cause distress, frustration and, in some cases, tangible loss.

“I’ve had numerous problems since my email address was released. I get a ton of spam. Even more troubling, though, is that people are actively using my email address as though it were their own. One woman used my email address as her kids’ contact information for their school.”


“Someone signed in at Walmart.com and immediately changed the email address and password. Walmart notified me that it happened but would not help me get my account back. My financial information was in that account so I had to contact the bank for a new debit card.

“I receive tons of phishing and spam emails. I get hundreds of those messages each day.”

“I did experience several cases of my other online accounts being accessed as a result of this incident. I had to change every account username and password.”

Some were comforted by the fact that an arrest had been made in connection with the hack. Others doubted whether it would really change anything.

The hackers, of course, aren’t interested in the people behind the personal data they gain. But if their inbox contained the kind of messages I’ve received today, they’d be quick to realise computer crime is far from victimless.

Follow @geoffwhite247 on Twitter

2 reader comments

  1. AnonWolfTV says:

    Hacking is a two sided (sometimes three) debate. On the one hand, you have the criminal element who want to defraud innocent poeple, on the other, you have activists who seek to get to the truth of the matter, from those who wish to hide their criminal activity, some of which is done in public office. But to lump them all together in this report tars them all with the same brush. It’s like saying journalists hack peoples mobile phone messages to get scoops. You wouldn’t say it would you? No, you would clearly differentiate between the two types of journalists. Which I think you have failed to do in this post.

  2. Fredrik Beckman says:

    Again and again we see these hacks targeting common user data. Data that then is being used in scams and fraud. It is a huge mistake to think that no-one is interested in you since you are not important. You are important to cyber criminals if you don’t protect yourself.

    Identity theft is on the rise through methods called “social engineering”. By getting access to your e-mail, for instance, a con artist can pose as you. Even worse, if they get access to your actual e-mail account they will quickly have access to all your passwords since they are being mailed to you. Or they can try to reset your password on a service, and the reset link gets mailed to you, for them to use.

    When this happens you will notice since you suddenly find that you have bought stuff you haven’t bought. Or your house or car has been sold without you knowing.

Comments are closed.