UNITED STATES DISTRICT COURT
FOR THE CENTRAL DISTRICT OF CALIFORNIA
UNITED STATES OF AMERICA, ) CR 96-881
)
Plaintiff, ) I N D I C T M E N T
)
v. ) [18 U.S.C. § 1029: Possession
) of Unauthorized Access
KEVIN DAVID MITNICK, AND ) Devices; 18 U.S.C.
LEWIS DEPAYNE, ) § 1030(a)(4): Computer Fraud;
) 18 U.S.C. § 1030(a)(5):
Defendants. ) Causing Damage To Computers;
) 18 U.S.C. § 1343: Wire Fraud;
) Interception of Wire or
) Electronic Communications;
) 18 U.S.C. § 2(a): Aiding and
) Abetting; 18 U.S.C. § 2(b):
_________________________________) Causing and Act to be Done]
The Grand Jury charges:
COUNTS ONE THROUGH FOURTEEN
[18 U.S.C. §§ 1343, 2a, 2b]
INTRODUCTION
1. Beginning in or around June 1992 and continuing until
February 1995, defendant KEVIN DAVID MITNICK, aided and abetted
by defendant LEWIS DEPAYNE and others known and unknown to the
Grand Jury, carried out a scheme to defraud, and to obtain
property by means of false pretenses, representation and
promises, by: (a) obtaining unauthorized access to computers
belonging to numerous computer software and computer operating
systems manufacturers, cellular telephone manufacturers, Internet
Service Providers, and educational institutions; and (b)
stealing, copying, and misappropriating proprietary computer
software belonging to the companies described below (collectively
referred to as "the victim companies").
THE VICTIM COMPANIES
2. Motorola, Inc. ("Motorola") is an electronics and
computer software manufacturer headquartered in Schaumburg,
Illinois. Among other things, Motorola designs and manufactures
computer software used to operate cellular telephones
manufactured by Motorola. Motorola spends substantial sums in
developing its computer software and maintains it as highly
confidential proprietary information. In some instances,
Motorola licenses its computer software for a fee.
3. Nokia Mobile Phones, Ltd. ("Nokia") is a mobile
telephone manufacturer headquartered in Finland. Nokia also has
offices in the United Kingdom and in the United States. Among
other things, Nokia designs and manufactures computer software
used to operate its mobile telephones. Nokia spends substantial
sums in developing its computer software and maintains it as
highly confidential proprietary information.
4. Fujitsu, Limited is an electronics and computer
software company headquartered in Japan. Fujitsu America, Inc.
and Fujitsu Network Transmission Services, Inc. ("FNTS") are
American subsidiaries of Fujitsu, Limited with offices in the
United States (Fujitsu, Limited, Fujitsu America and FNTS are
collectively referred to as "Fujitsu"). Among other things,
Fujitsu designs and manufactures computer software used to
operate cellular telephone networks. Fujitsu spends substantial
sums in developing its computer software and maintains it as
highly confidential proprietary information. In some instances,
Fujitsu licenses its proprietary software for a fee.
5. Novell, Inc. ("Novell") is a computer software company
headquartered in Provo, Utah, with offices throughout the United
States. Among other things, Novell designs and manufactures
proprietary computer software. Novell spends substantial sums in
developing its computer software and maintains it as highly
confidential proprietary information. Novell also licenses its
proprietary software for a fee.
6. NEC, Limited is an electronics and computer software
manufacturer headquartered in Japan. NEC America, Inc. is the
American subsidiary of NEC, Limited, headquartered in Irving,
Texas, with offices throughout the United States (NEC, Limited)
and NEC America, Inc. are hereafter collectively referred to as
"NEC"). Among other things, NEC designs and manufactures
computer software used to operate cellular telephone networks.
NEC spends substantial sums in developing its computer software
and maintains it as highly confidential proprietary information.
NEC also licenses its proprietary software for a fee.
7. Sun Microsystems, Inc. ("Sun") is a computer
manufacturer headquartered in Mountain View, California, with
offices throughout the United States and Canada. Among other
things, Sun designs and manufactures software for computer
operating systems. Sun spends substantial sums in developing its
computers software and maintains it as highly confidential
proprietary information. Sun also licenses its proprietary
software for a fee.
THE INTERNET SERVICE PROVIDERS AND EDUCATIONAL INSITUTIONS
8. Colorado SuperNet ("CNS") is an Internet Service
Provider headquartered in Denver, Colorado. For a fee, CSN
provides customers with computer user accounts that customers may
use to access other computer systems on the Internet.
9. Netcom On-Line Services ("Netcom") is an Internet
Service Provider headquartered in San Jose, California. For a
fee, Netcom provides customers with computer user accounts that
customers may use to access other computer systems on the
Internet.
10. The University of Southern California ("USC") is an
educational institution located in Los Angeles, California.
Among other things, USC owns, maintains and operates a number of
computers for the authorized use of USC faculty, students,
contractors, administrators and other authorized personnel. USC
also provides internet access to authorized users.
THE SCHEME TO OBTAIN THE VICTIM COMPANIES' PROPRIETARY COMPUTER
SOFTWARE
11. Between June 1992 and February 1995, defendant MITNICK,
aided and abetted by defendant DEPAYNE and others known and
unknown to the Grand Jury, in the Central District of California
and elsewhere, carried out a scheme to fraudulently obtain
proprietary computer software belonging to the victim companies.
Defendant MITNICK, aided and abetted by defendant DEPAYNE and
others known and unknown to the Grand Jury, carried out the
scheme, in part, as follows:
12. During the time relevant to this indictment, the victim
companies developed computer software that they maintained as
highly confidential proprietary information. The proprietary
computer software was stored in computers belonging to the victim
companies.
13. In order to circumvent computer security measures
employed by the victim companies to safeguard their proprietary
computer software, defendant MITNICK needed to obtain user
accounts and corresponding passwords on victim companies'
computers so that he could then access these computers as part of
the scheme to obtain the victim companies' proprietary software.
14. Defendant MITNICK, aided and abetted by defendant
DEPAYNE and others known and unknown to the Grand Jury, obtained
confidential computer user accounts and corresponding secret
passwords on victim companies' computers through the following
means.
15. Defendants MITNICK and DEPAYNE, using aliases, deceived
employees of the victim companies into providing them with user
accounts and corresponding passwords by falsely representing that
they were employees of the victim companies. In some instances,
defendant MITNICK, using aliases, called the computer department
of a victim company, posed as an employee of the victim company
working on a special project, and then deceived computer
department personnel into creating a new user account on the
victim company's computers. Often, defendant MITNICK asked the
computer department personnel for a user account which he could
access from remote locations by dialing into the victim company's
computers using a telephone and a computer "modem" (a device that
allows computers to communicate over telephone lines). On other
occasions, defendant MITNICK called employees of a victim
company, impersonated computer department personnel, and then
deceived the unsuspecting employees into providing him with their
secret computer passwords.
16. To conceal his identity and avoid detection when making
these fraudulent telephone calls, defendant MITNICK used stolen
electronic serial numbers and mobile identification numbers to
create numerous "clone" cellular telephones that allowed him to
place unauthorized cellular telephone calls that were billed to,
and hence appeared to have been place by, legitimate cellular
telephone subscribers.
17. Defendant MITNICK, aided and abetted by others known
and unknown to the Grand Jury, obtained other user accounts and
corresponding passwords for victim companies' computers by: (a)
using a computer program that intercepted and captured user
account information and passwords of authorized users as they
logged into the computers of a victim company; (b) copying
"encrypted" (or coded) electronic password files maintained on a
victim company's computer to his own computer and then using
computer software programs to "decrypt" (or decode) the
information contained in the password files so that the passwords
could be identified and used; and (c) intercepting or reading
private electronic mail ("E-mail") communications containing user
account, password, and computer security information.
18. Defendant MITNICK used the fraudulently obtained user
accounts and corresponding passwords to gain unauthorized access
to the computers of the victim companies, and to computers
belonging to Internet Service Providers and educational
institutions. In order to conceal his identity, and to further
avoid detection, defendant MITNICK used "clone" cellular
telephones, computer modems, Internet connections from other
victim companies, or stolen long distance calling card numbers to
access the computers of the victim companies, the Internet
Service Providers, and the educational institutions.
19. Once he obtained initial unauthorized access to a
computer by using fraudulently obtained user accounts and
passwords, defendant MITNICK circumvented internet computer
security measures installed on victim companies' computers for
the purpose of preventing regular users from accessing
information stored in protected parts of the computer systems or
in other authorized user's accounts. Specifically, defendant
MITNICK ran unauthorized computer "hacking" programs on the
computers of some of the victim companies, Internet Service
Providers, and educational institutions that altered or replaced
the existing legitimate programs installed on the computers of
these entities.
20. Defendant MITNICK used unauthorized "hacking" programs
to: (a) circumvent computer security to obtain unrestricted
access to other user accounts and confidential information,
including E-mail, stored on the computers of the victim
companies, Internet Service Providers, and education
institutions; (b) disable computer logs that ordinarily provide a
record of the dates and times when a computer is accessed; and
(c) make his unauthorized entries into victim companies' computer
systems invisible to computer department personnel responsible
for maintaining and securing the computers of the victim
companies, Internet Service Providers, and educational
institutions.
21. By running unauthorized "hacking" programs, defendant
MITNICK was able to obtain undetected "Superuser" status on the
computers of the victim companies, Internet Service Providers and
educational institutions. "Superuser" status permits a user to
access all areas of a computer.
22. Defendant MITNICK used his "Superuser" status to: (a)
obtain access to proprietary computer software and other
confidential information stored in otherwise inaccessible areas
of the computers of the victim companies; and (b) copy,
misappropriate and transfer proprietary computer software, E-
Mail, passwords, and personal information about victim company
personnel.
23. Using computers and modems, defendant MITNICK
electronically transferred the proprietary software from the
victim companies' computers through misappropriated Internet user
accounts, and then to computers belong to USC, which he used
to store the stolen proprietary software.
24. Defendant MITNICK, aided and abetted by defendant
DEPAYNE and others known and unknown to the Grand Jury, also
obtained proprietary computer software by: (a) deceiving victim
company employees into transferring proprietary computer software
to victim company computers and Internet Service Provider
accounts that had been compromised by defendant MITNICK; and (b)
deceiving victim company employees into mailing computer tapes
and disks containing proprietary computer software to defendants
MITNICK and DEPAYNE, posing as other victim company employees or
authorized recipients of the proprietary computer software.
25. Defendant DEPAYNE aided and abetted defendant MITNICK
through various means, including, but not limited to: (a)
providing defendant MITNICK with cellular telephones; (b)
assisting defendant MITNICK in converting cellular telephones
into "clone" cellular telephones by programming them with stolen
electronic serial numbers and mobile identification numbers; (c)
maintaining an Internet account that defendant MITNICK used to
transfer some of the fraudulently obtained proprietary computer
software; (d) placing at least one pretext telephone call to a
victim company posing as an employee of the victim company; and
(e) attempting to have computer tapes containing proprietary
computer software sent via express delivery to a hotel in
Compton, California.
26. Through the means described above, defendant MITNICK,
aided and abetted by defendant DEPAYNE, gained unauthorized
access to numerous computer systems, and obtained, or attempted
to obtain, proprietary computer software worth millions of
dollars.
USE OF INTERSTATE AND FOREIGN WIRES
27. On or about the dates set forth below, in the Central
District of California and elsewhere, defendant KEVIN DAVID
MITNICK, aided and abetted by defendant LEWIS DEPAYNE and others
known and unknown to the Grand Jury, for the purpose of executing
the above described scheme to fraud and to obtain property by
means of false and fraudulent pretenses, representations and
promises, caused the following transmissions by wire
communication in interstate and foreign commerce:
COUNT |
VICTIM |
DATE |
WIRE
TRANSMISSION |
ONE |
Novell |
1/4/94 |
Telephone call from defendant MITNICK aka "Gabe Nault" in
Colorado to San Jose, California |
TWO |
Nokia |
1/26/94 |
Unauthorized electronic transfer of Nokia proprietary software from
Salo, Finland to USC in Los Angeles, California |
THREE |
Nokia |
2/4/94 |
Telephone call from defendant MITNICK aka "Mike" in the
United States to Nokia in Finland |
FOUR |
Novell |
2/13/97 |
Unauthorized electronic transfer of Novell proprietary software from
Sandy, Utah through CSN in Denver, Colorado to USC in Los Angeles,
California |
FIVE |
Motorola |
2/19/94 |
Telephone
call from defendant MITNICK aka "Earl Roberts" in Colorado
to Motorola in Libertyville, Illinois |
SIX |
Motorola |
2/20/94 |
Telephone
call from defendant MITNICK in Colorado to Libertyville, Illinois |
SEVEN |
Motorola |
2/21/94 |
Unauthorized
electronic transfer of Motorola propriety software from
Libertyville, Illinois through CSN in Denver, Colorado and then to
USC in Los Angeles, California |
EIGHT |
Fujitsu |
4/15/94 |
Telephone
call from defendant MITNICK aka "Chris Stephenson" in
Colorado to Richardson, Texas |
NINE |
Fujitsu |
4/15/94 |
Unauthorized
electronic transfer of Fujitsu propriety software from Richardson,
Texas through CSN in Denver, Colorado to USC in Los Angeles,
California |
TEN |
Nokia |
4/21/94 |
Telephone
call from defendant MITNICK aka "Adam Gould" in the United
States to Nokia in Finland |
ELEVEN |
Fujitsu |
4/26/94 |
Telephone
call from defendant MITNICK in the United States to Fujitsu in Japan |
TWELVE |
Nokia |
5/9/94 |
Telephone
call by defendant DEPAYNE aka "K.P. Wileska" from Los
Angeles, California to Nokia in Largo, Florida |
THIRTEEN |
NEC |
5/9/94 |
Telephone
call from defendant MITNICK aka "Greg" in the United
States to NEC in Japan |
FOURTEEN |
NEC |
5/10/94 |
Unauthorized
electronic transfer of NEC proprietary software from Irving, Texas
to USC in Los Angeles, California |
COUNT FIFTEEN
[18 U.S.C. § 1030(a)(4)]
28. The grand jury repeats and realleges paragraphs 1
through 26 as if fully set forth herein.
29. On or about February 21, 1994, within the Central
District of California and elsewhere, defendant KEVIN DAVID
MITNICK knowingly, and with the intent to defraud, accessed a
Federal interest computer without authorization in order to carry
out a scheme to defraud and obtained an object of value.
Specifically, defendant MITNICK: (a) knowingly, and without
Motorola's authorization, used computers in one state to access
computers in another state belonging to Motorola; (b) duplicated
and transferred proprietary computer software belonging to
Motorola; and, (c) electronically transferred the proprietary
software stolen from Motorola in Illinois, across state lines to
computers located in Denver, Colorado, and then to computers
located at USC, in Los Angeles, California.
COUNT SIXTEEN
[18 U.S.C. § 1030(a)(5)]
30. The grand jury repeats and realleges paragraphs 1
through 26 as if fully set forth herein.
31. Between June 1993 and June 1994, in the Central
District of California and elsewhere, defendant KEVIN DAVID
MITNICK, using computers located outside California, knowingly,
and without authorization, altered, damaged and destroyed
information contained in, and prevented authorized use of, the
computers of USC, located in Los Angeles, California. In
altering, damaging, and destroying information contained in, and
preventing authorized use of, the computers of USC, defendant
MITNICK caused losses to one or more persons and entities
aggregating more than $1,000.
COUNT SEVENTEEN
[18 U.S.C. § 2511]
32. The grand jury repeats and realleges paragraphs 1
through 26 as if fully set forth herein.
33. In or around December 1993, in the Central Division of
the District of Utah and elsewhere, defendant KEVIN DAVID MITNICK
knowingly and intentionally intercepted an electronic
communication. Specifically, through the use of a computer and a
computer modem, defendant MITNICK installed a program on the
computers of Novell which permitted defendant MITNICK to capture
electronic communications in the form of computer passwords being
transmitted to the computers of Novell. Thereafter, defendant
MITNICK used the unauthorized computer program to intercept
electronic communications; namely, authorized computer passwords
being transmitted to Novell computers by authorized users of
Novell computers.
COUNT EIGHTEEN
[18 U.S.C. § 1029]
34. The grand jury repeats and realleges paragraphs 1
through 26 as if fully set forth herein.
35. On or about the dates set forth below, in the Central
District of California, the Western District of Washington and
elsewhere, defendant KEVIN DAVID MITNICK, knowingly and with
intent to defraud possessed more than fifteen unauthorized access
devices; namely, electronic files containing in excess of 15
names and corresponding passwords for accounts on the computers
of the companies described below:
COUNT |
DATE |
UNAUTHORIZED
PASSWORD FILES POSSESSED |
EIGHTEEN |
7/10/93 |
computer
file containing in excess of 100 user names and corresponding
passwords for accounts on Sun computers |
NINETEEN |
7/23/93 |
computer
file containing in excess of 100 user names and corresponding
passwords for accounts on Sun computers |
TWENTY |
12/1/93 |
computer
file containing in excess of 20 user names and corresponding
passwords for accounts on USC computers |
TWENTY-ONE |
12/20/93 |
computer
file containing in excess of 50 user names and corresponding
passwords for accounts on Novell computers |
TWENTY-TWO |
12/24/93 |
computer
file containing in excess of 900 user names and corresponding
passwords for accounts on Novell computers |
TWENTY-THREE |
2/22/94 |
computer
file containing approximately 212 user names and corresponding
passwords for accounts on Motorola computers |
TWENTY-FOUR |
4/16/94 |
computer
file containing in excess of 50 user names and corresponding
passwords for accounts on Fujitsu computers |
TWENTY-FIVE |
6/12/94 |
computer
file containing in excess of 30 user names and corresponding
passwords for accounts on NEC computers |
A TRUE BILL
_________________________
FOREPERSON
NORA M. MANELLA
United States Attorney
Central District of California
RICHARD E. DROOYAN
Assistant United States Attorney
Chief, Criminal Division
SEAN E. BERRY
Assistant United States Attorney
Chief, Major Frauds Section
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH