TUCoPS :: Cyber Law :: indict~1.htm

The Indictment against Kevin Mitnick and Lewis Depayne
UNITED STATES DISTRICT COURT FOR THE CENTRAL DISTRICT OF CALIFORNIA UNITED STATES OF AMERICA, ) CR 96-881 ) Plaintiff, ) I N D I C T M E N T ) v. ) [18 U.S.C. § 1029: Possession ) of Unauthorized Access KEVIN DAVID MITNICK, AND ) Devices; 18 U.S.C. LEWIS DEPAYNE, ) § 1030(a)(4): Computer Fraud; ) 18 U.S.C. § 1030(a)(5): Defendants. ) Causing Damage To Computers; ) 18 U.S.C. § 1343: Wire Fraud; ) Interception of Wire or ) Electronic Communications; ) 18 U.S.C. § 2(a): Aiding and ) Abetting; 18 U.S.C. § 2(b): _________________________________) Causing and Act to be Done] The Grand Jury charges: COUNTS ONE THROUGH FOURTEEN [18 U.S.C. §§ 1343, 2a, 2b] INTRODUCTION 1. Beginning in or around June 1992 and continuing until February 1995, defendant KEVIN DAVID MITNICK, aided and abetted by defendant LEWIS DEPAYNE and others known and unknown to the Grand Jury, carried out a scheme to defraud, and to obtain property by means of false pretenses, representation and promises, by: (a) obtaining unauthorized access to computers belonging to numerous computer software and computer operating systems manufacturers, cellular telephone manufacturers, Internet Service Providers, and educational institutions; and (b) stealing, copying, and misappropriating proprietary computer software belonging to the companies described below (collectively referred to as "the victim companies"). THE VICTIM COMPANIES 2. Motorola, Inc. ("Motorola") is an electronics and computer software manufacturer headquartered in Schaumburg, Illinois. Among other things, Motorola designs and manufactures computer software used to operate cellular telephones manufactured by Motorola. Motorola spends substantial sums in developing its computer software and maintains it as highly confidential proprietary information. In some instances, Motorola licenses its computer software for a fee. 3. Nokia Mobile Phones, Ltd. ("Nokia") is a mobile telephone manufacturer headquartered in Finland. Nokia also has offices in the United Kingdom and in the United States. Among other things, Nokia designs and manufactures computer software used to operate its mobile telephones. Nokia spends substantial sums in developing its computer software and maintains it as highly confidential proprietary information. 4. Fujitsu, Limited is an electronics and computer software company headquartered in Japan. Fujitsu America, Inc. and Fujitsu Network Transmission Services, Inc. ("FNTS") are American subsidiaries of Fujitsu, Limited with offices in the United States (Fujitsu, Limited, Fujitsu America and FNTS are collectively referred to as "Fujitsu"). Among other things, Fujitsu designs and manufactures computer software used to operate cellular telephone networks. Fujitsu spends substantial sums in developing its computer software and maintains it as highly confidential proprietary information. In some instances, Fujitsu licenses its proprietary software for a fee. 5. Novell, Inc. ("Novell") is a computer software company headquartered in Provo, Utah, with offices throughout the United States. Among other things, Novell designs and manufactures proprietary computer software. Novell spends substantial sums in developing its computer software and maintains it as highly confidential proprietary information. Novell also licenses its proprietary software for a fee. 6. NEC, Limited is an electronics and computer software manufacturer headquartered in Japan. NEC America, Inc. is the American subsidiary of NEC, Limited, headquartered in Irving, Texas, with offices throughout the United States (NEC, Limited) and NEC America, Inc. are hereafter collectively referred to as "NEC"). Among other things, NEC designs and manufactures computer software used to operate cellular telephone networks. NEC spends substantial sums in developing its computer software and maintains it as highly confidential proprietary information. NEC also licenses its proprietary software for a fee. 7. Sun Microsystems, Inc. ("Sun") is a computer manufacturer headquartered in Mountain View, California, with offices throughout the United States and Canada. Among other things, Sun designs and manufactures software for computer operating systems. Sun spends substantial sums in developing its computers software and maintains it as highly confidential proprietary information. Sun also licenses its proprietary software for a fee. THE INTERNET SERVICE PROVIDERS AND EDUCATIONAL INSITUTIONS 8. Colorado SuperNet ("CNS") is an Internet Service Provider headquartered in Denver, Colorado. For a fee, CSN provides customers with computer user accounts that customers may use to access other computer systems on the Internet. 9. Netcom On-Line Services ("Netcom") is an Internet Service Provider headquartered in San Jose, California. For a fee, Netcom provides customers with computer user accounts that customers may use to access other computer systems on the Internet. 10. The University of Southern California ("USC") is an educational institution located in Los Angeles, California. Among other things, USC owns, maintains and operates a number of computers for the authorized use of USC faculty, students, contractors, administrators and other authorized personnel. USC also provides internet access to authorized users. THE SCHEME TO OBTAIN THE VICTIM COMPANIES' PROPRIETARY COMPUTER SOFTWARE 11. Between June 1992 and February 1995, defendant MITNICK, aided and abetted by defendant DEPAYNE and others known and unknown to the Grand Jury, in the Central District of California and elsewhere, carried out a scheme to fraudulently obtain proprietary computer software belonging to the victim companies. Defendant MITNICK, aided and abetted by defendant DEPAYNE and others known and unknown to the Grand Jury, carried out the scheme, in part, as follows: 12. During the time relevant to this indictment, the victim companies developed computer software that they maintained as highly confidential proprietary information. The proprietary computer software was stored in computers belonging to the victim companies. 13. In order to circumvent computer security measures employed by the victim companies to safeguard their proprietary computer software, defendant MITNICK needed to obtain user accounts and corresponding passwords on victim companies' computers so that he could then access these computers as part of the scheme to obtain the victim companies' proprietary software. 14. Defendant MITNICK, aided and abetted by defendant DEPAYNE and others known and unknown to the Grand Jury, obtained confidential computer user accounts and corresponding secret passwords on victim companies' computers through the following means. 15. Defendants MITNICK and DEPAYNE, using aliases, deceived employees of the victim companies into providing them with user accounts and corresponding passwords by falsely representing that they were employees of the victim companies. In some instances, defendant MITNICK, using aliases, called the computer department of a victim company, posed as an employee of the victim company working on a special project, and then deceived computer department personnel into creating a new user account on the victim company's computers. Often, defendant MITNICK asked the computer department personnel for a user account which he could access from remote locations by dialing into the victim company's computers using a telephone and a computer "modem" (a device that allows computers to communicate over telephone lines). On other occasions, defendant MITNICK called employees of a victim company, impersonated computer department personnel, and then deceived the unsuspecting employees into providing him with their secret computer passwords. 16. To conceal his identity and avoid detection when making these fraudulent telephone calls, defendant MITNICK used stolen electronic serial numbers and mobile identification numbers to create numerous "clone" cellular telephones that allowed him to place unauthorized cellular telephone calls that were billed to, and hence appeared to have been place by, legitimate cellular telephone subscribers. 17. Defendant MITNICK, aided and abetted by others known and unknown to the Grand Jury, obtained other user accounts and corresponding passwords for victim companies' computers by: (a) using a computer program that intercepted and captured user account information and passwords of authorized users as they logged into the computers of a victim company; (b) copying "encrypted" (or coded) electronic password files maintained on a victim company's computer to his own computer and then using computer software programs to "decrypt" (or decode) the information contained in the password files so that the passwords could be identified and used; and (c) intercepting or reading private electronic mail ("E-mail") communications containing user account, password, and computer security information. 18. Defendant MITNICK used the fraudulently obtained user accounts and corresponding passwords to gain unauthorized access to the computers of the victim companies, and to computers belonging to Internet Service Providers and educational institutions. In order to conceal his identity, and to further avoid detection, defendant MITNICK used "clone" cellular telephones, computer modems, Internet connections from other victim companies, or stolen long distance calling card numbers to access the computers of the victim companies, the Internet Service Providers, and the educational institutions. 19. Once he obtained initial unauthorized access to a computer by using fraudulently obtained user accounts and passwords, defendant MITNICK circumvented internet computer security measures installed on victim companies' computers for the purpose of preventing regular users from accessing information stored in protected parts of the computer systems or in other authorized user's accounts. Specifically, defendant MITNICK ran unauthorized computer "hacking" programs on the computers of some of the victim companies, Internet Service Providers, and educational institutions that altered or replaced the existing legitimate programs installed on the computers of these entities. 20. Defendant MITNICK used unauthorized "hacking" programs to: (a) circumvent computer security to obtain unrestricted access to other user accounts and confidential information, including E-mail, stored on the computers of the victim companies, Internet Service Providers, and education institutions; (b) disable computer logs that ordinarily provide a record of the dates and times when a computer is accessed; and (c) make his unauthorized entries into victim companies' computer systems invisible to computer department personnel responsible for maintaining and securing the computers of the victim companies, Internet Service Providers, and educational institutions. 21. By running unauthorized "hacking" programs, defendant MITNICK was able to obtain undetected "Superuser" status on the computers of the victim companies, Internet Service Providers and educational institutions. "Superuser" status permits a user to access all areas of a computer. 22. Defendant MITNICK used his "Superuser" status to: (a) obtain access to proprietary computer software and other confidential information stored in otherwise inaccessible areas of the computers of the victim companies; and (b) copy, misappropriate and transfer proprietary computer software, E- Mail, passwords, and personal information about victim company personnel. 23. Using computers and modems, defendant MITNICK electronically transferred the proprietary software from the victim companies' computers through misappropriated Internet user accounts, and then to computers belong to USC, which he used to store the stolen proprietary software. 24. Defendant MITNICK, aided and abetted by defendant DEPAYNE and others known and unknown to the Grand Jury, also obtained proprietary computer software by: (a) deceiving victim company employees into transferring proprietary computer software to victim company computers and Internet Service Provider accounts that had been compromised by defendant MITNICK; and (b) deceiving victim company employees into mailing computer tapes and disks containing proprietary computer software to defendants MITNICK and DEPAYNE, posing as other victim company employees or authorized recipients of the proprietary computer software. 25. Defendant DEPAYNE aided and abetted defendant MITNICK through various means, including, but not limited to: (a) providing defendant MITNICK with cellular telephones; (b) assisting defendant MITNICK in converting cellular telephones into "clone" cellular telephones by programming them with stolen electronic serial numbers and mobile identification numbers; (c) maintaining an Internet account that defendant MITNICK used to transfer some of the fraudulently obtained proprietary computer software; (d) placing at least one pretext telephone call to a victim company posing as an employee of the victim company; and (e) attempting to have computer tapes containing proprietary computer software sent via express delivery to a hotel in Compton, California. 26. Through the means described above, defendant MITNICK, aided and abetted by defendant DEPAYNE, gained unauthorized access to numerous computer systems, and obtained, or attempted to obtain, proprietary computer software worth millions of dollars. USE OF INTERSTATE AND FOREIGN WIRES 27. On or about the dates set forth below, in the Central District of California and elsewhere, defendant KEVIN DAVID MITNICK, aided and abetted by defendant LEWIS DEPAYNE and others known and unknown to the Grand Jury, for the purpose of executing the above described scheme to fraud and to obtain property by means of false and fraudulent pretenses, representations and promises, caused the following transmissions by wire communication in interstate and foreign commerce:
COUNT VICTIM DATE WIRE TRANSMISSION
ONE Novell 1/4/94 Telephone call from defendant MITNICK aka "Gabe Nault" in Colorado to San Jose, California
TWO Nokia 1/26/94 Unauthorized electronic transfer of Nokia proprietary software from Salo, Finland to USC in Los Angeles, California
THREE Nokia 2/4/94 Telephone call from defendant MITNICK aka "Mike" in the United States to Nokia in Finland
FOUR Novell 2/13/97 Unauthorized electronic transfer of Novell proprietary software from Sandy, Utah through CSN in Denver, Colorado to USC in Los Angeles, California
FIVE Motorola 2/19/94 Telephone call from defendant MITNICK aka "Earl Roberts" in Colorado to Motorola in Libertyville, Illinois
SIX Motorola 2/20/94 Telephone call from defendant MITNICK in Colorado to Libertyville, Illinois
SEVEN Motorola 2/21/94 Unauthorized electronic transfer of Motorola propriety software from Libertyville, Illinois through CSN in Denver, Colorado and then to USC in Los Angeles, California
EIGHT Fujitsu 4/15/94 Telephone call from defendant MITNICK aka "Chris Stephenson" in Colorado to Richardson, Texas
NINE Fujitsu 4/15/94 Unauthorized electronic transfer of Fujitsu propriety software from Richardson, Texas through CSN in Denver, Colorado to USC in Los Angeles, California
TEN Nokia 4/21/94 Telephone call from defendant MITNICK aka "Adam Gould" in the United States to Nokia in Finland
ELEVEN Fujitsu 4/26/94 Telephone call from defendant MITNICK in the United States to Fujitsu in Japan
TWELVE Nokia 5/9/94 Telephone call by defendant DEPAYNE aka "K.P. Wileska" from Los Angeles, California to Nokia in Largo, Florida
THIRTEEN NEC 5/9/94 Telephone call from defendant MITNICK aka "Greg" in the United States to NEC in Japan
FOURTEEN NEC 5/10/94 Unauthorized electronic transfer of NEC proprietary software from Irving, Texas to USC in Los Angeles, California

                         COUNT FIFTEEN

                    [18 U.S.C. § 1030(a)(4)]


     28.  The grand jury repeats and realleges paragraphs 1

through 26 as if fully set forth herein.

     29.  On or about February 21, 1994, within the Central

District of California and elsewhere, defendant KEVIN DAVID

MITNICK knowingly, and with the intent to defraud, accessed a

Federal interest computer without authorization in order to carry

out a scheme to defraud and obtained an object of value.

Specifically, defendant MITNICK: (a) knowingly, and without

Motorola's authorization, used computers in one state to access

computers in another state belonging to Motorola; (b) duplicated

and transferred proprietary computer software belonging to

Motorola; and, (c) electronically transferred the proprietary

software stolen from Motorola in Illinois, across state lines to

computers located in Denver, Colorado, and then to computers

located at USC, in Los Angeles, California.



                         COUNT SIXTEEN

                    [18 U.S.C. § 1030(a)(5)]



     30.  The grand jury repeats and realleges paragraphs 1

through 26 as if fully set forth herein.



     31.  Between June 1993 and June 1994, in the Central

District of California and elsewhere, defendant KEVIN DAVID

MITNICK, using computers located outside California, knowingly,

and without authorization, altered, damaged and destroyed

information contained in, and prevented authorized use of, the

computers of USC, located in Los Angeles, California. In

altering, damaging, and destroying information contained in, and

preventing authorized use of, the computers of USC, defendant

MITNICK caused losses to one or more persons and entities

aggregating more than $1,000.



                        COUNT SEVENTEEN

                       [18 U.S.C. § 2511]


     32.  The grand jury repeats and realleges paragraphs 1

through 26 as if fully set forth herein.



     33.  In or around December 1993, in the Central Division of

the District of Utah and elsewhere, defendant KEVIN DAVID MITNICK

knowingly and intentionally intercepted an electronic

communication. Specifically, through the use of a computer and a

computer modem, defendant MITNICK installed a program on the

computers of Novell which permitted defendant MITNICK to capture

electronic communications in the form of computer passwords being

transmitted to the computers of Novell. Thereafter, defendant

MITNICK used the unauthorized computer program to intercept

electronic communications; namely, authorized computer passwords

being transmitted to Novell computers by authorized users of

Novell computers.


                         COUNT EIGHTEEN

                       [18 U.S.C. § 1029]


     34.  The grand jury repeats and realleges paragraphs 1

through 26 as if fully set forth herein.



     35.  On or about the dates set forth below, in the Central

District of California, the Western District of Washington and

elsewhere, defendant KEVIN DAVID MITNICK, knowingly and with

intent to defraud possessed more than fifteen unauthorized access

devices; namely, electronic files containing in excess of 15

names and corresponding passwords for accounts on the computers

of the companies described below:

COUNT DATE UNAUTHORIZED PASSWORD FILES POSSESSED
EIGHTEEN 7/10/93 computer file containing in excess of 100 user names and corresponding passwords for accounts on Sun computers
NINETEEN 7/23/93 computer file containing in excess of 100 user names and corresponding passwords for accounts on Sun computers
TWENTY 12/1/93 computer file containing in excess of 20 user names and corresponding passwords for accounts on USC computers
TWENTY-ONE 12/20/93 computer file containing in excess of 50 user names and corresponding passwords for accounts on Novell computers
TWENTY-TWO 12/24/93 computer file containing in excess of 900 user names and corresponding passwords for accounts on Novell computers
TWENTY-THREE 2/22/94 computer file containing approximately 212 user names and corresponding passwords for accounts on Motorola computers
TWENTY-FOUR 4/16/94 computer file containing in excess of 50 user names and corresponding passwords for accounts on Fujitsu computers
TWENTY-FIVE 6/12/94 computer file containing in excess of 30 user names and corresponding passwords for accounts on NEC computers

                                    A TRUE BILL



                                    _________________________

                                    FOREPERSON



NORA M. MANELLA

United States Attorney

Central District of California



RICHARD E. DROOYAN

Assistant United States Attorney

Chief, Criminal Division



SEAN E. BERRY

Assistant United States Attorney

Chief, Major Frauds Section




TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH