[ISN] Man charged with hacking into GM database

InfoSec News isn at c4i.org
Wed Mar 15 03:21:22 EST 2006 

http://seattlepi.nwsource.com/business/1700AP_GM_Security_Breach.html

By TOM KRISHER
ASSOCIATED PRESS WRITER
March 14, 2006 

DETROIT -- A former security guard at General Motors Corp.'s Warren
technical center is accused of taking employee Social Security numbers
and using them to hack into the company's employee vehicle database.

James S. Green II, 35, of Washington Township, found out what company
cars the employees drove and sent them bogus e-mails asking them their
thoughts on the vehicles, Macomb County sheriff's Capt. Anthony
Wickersham said Tuesday.

Green was arraigned Monday on eight counts of obtaining, possessing or
transferring personal identity information, one count of using a
computer to commit a crime and one count of stalking that was
unrelated to the GM cases. He was released after posting 10 percent of
a $50,000 bond.

Wickersham said Green obtained the Social Security numbers of about
100 GM employees from the Detroit area and sent them e-mails posing as
a representative of GM's company vehicle evaluation program.

"It's frightening to know that this individual had all this personal
information on a lot of people," Wickersham said.

There was no telephone listing for Green.

Employees became suspicious because the e-mails came from a Yahoo
address. They notified a GM security firm, which in turn told Macomb
County deputies, GM spokeswoman Geri Lama said.

The security firm identified Green as a suspect, but deputies couldn't
find him at his home, Wickersham said.

They determined that the e-mails were sent from a library in
Washington Township and found Green there, at a computer with the
employee information, Wickersham said.

Green apparently got the Social Security numbers while working for a
private security firm at the tech center, although officials weren't
sure exactly how.

All affected workers have been notified. Although there's no evidence
Green did anything else with the information, Wickersham said
employees should check their credit reports and notify credit card
companies to monitor for fraud.

He said officials don't know why Green sent the e-mails.

More information about the ISN mailing list