Twenty-five-year-old Eric McCarty of San Diego has been charged with hacking into the University of Southern California’s (USC) computer network and accessing data related to student applications, the Associated Press reports via the New York Post.
On Wednesday, a criminal complaint was unsealed that says McCarty executed a command meant to damage the University’s Web application system for students, according to the AP.
McCarty could be sentenced to as many as 10 years in prison, the AP reports.
A computer network administrator, McCarty makes a living by executing “penetration tests” on computer networks to simulate genuine attacks, according to the AP.
Prosecutors say that in June, McCarty illegally accessed a USC database that contained information on some 275,000 student applicants, downloading and retaining the names, passwords and Social Security numbers of seven individuals on his personal computer, the AP reports.
He later reported the attack to the website securityfocus.com under the e-mail address “ihackeduscgmail.com,” according to the AP.
Authorities alleged that McCarty’s attack was not in conjunction with any USC testing, and that instead of reporting it to the university he informed securityfocus.com, the AP reports.
Ken McGuire, an FBI supervisory special agent, told the AP, “Our belief is that he knew that this was an inappropriate way to test someone’s security, and clearly this was computer intrusion.”
McCarty was not taken into police custody, but he will be brought before a federal court in Los Angeles on April 28, the AP reports.
For related news coverage, read Hacked Computers Hit With Updated Spam Tool and Briton Allegedly Hacked into U.S. Government Networks.
Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.