A Tennessee man was sentenced today to nearly four years in federal prison for launching cyber-attacks on corporations, universities and governmental entities throughout the world.
As a member of the hacking group “NullCrew,” Timothy Justin French exploited computer vulnerabilities to obtain unauthorized access and steal confidential information, including encrypted personal data of thousands of individuals. French’s cyber-attacks caused at least $792,000 in monetary loss to victim companies, universities and governmental bodies.
U.S. District Judge Gary Feinerman imposed the 45-month sentence today in federal court in Chicago.
French, 22, of Morristown, Tenn., pleaded guilty last year to one count of intentionally damaging a protected computer without authorization.
NullCrew is a computer hacking group who carried out a series of cyber-attacks in the United States and throughout the world. To publicize their intrusions, French and other members of NullCrew maintained Twitter accounts, including @NullCrew_FTS and @OfficialNull, which they used to announce their cyber-attacks and ridicule their victims by publicly disclosing the confidential information they had stolen, according to French’s plea declaration. French hid his true identity by using Internet aliases, including “Orbit,” “@Orbit_g1rl,” “crysis,” “rootcrysis,” and “c0rps3.”
French participated in at least seven cyber-attacks while a member of NullCrew from 2012 to 2014. One of the attacks was carried out against a large Canadian telecommunications company, while another attack targeted a U.S. state, according to the plea declaration.