Two hackers pleaded guilty to conspiring to commit computer intrusion and aggravated identity theft. Sagar Steven Singh and Nicholas Ceraolo, charged in March 2023, admitted to using a stolen law enforcement officer's password to gain unauthorized access to a nonpublic portal maintained by a US law enforcement agency.
The hackers, operating under the moniker “ViLE,” concocted a scheme that involved doxing and extortion tactics to extract money from their victims. According to officials, Singh and Ceraolo gathered sensitive personal information, including Social Security and driver's license numbers, and threatened to post this data publicly unless paid to remove it. The duo employed various illicit methods to obtain personal information, which they then used to harass, threaten, or extort their victims.
These tactics included: tricking customer service employees, submitting fraudulent legal requests to social media companies for users’ registration information, corrupting corporate insiders, searching public and private online databases, unauthorized access to a nonpublic US government database, illegally using official email accounts from other countries.
According to officials, Singh and Ceraolo compromised the password-protected online portal maintained by a US federal law enforcement agency, designed to share intelligence from government databases with state and local law enforcement agencies. It provided access to detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports.
In one instance, Singh threatened to “harm” a victim’s family unless the victim provided Instagram login credentials. To emphasize the threat, Singh appended the victim’s Social Security number, driver’s license number, home address, and other personal details in his communication.
Both Singh and Ceraolo face a maximum sentence of seven years in prison.
