February 4, 2024 at 10:42AM
Wisconsin man Joseph Garrison, 19, was sentenced to 18 months in prison for his involvement in a credential stuffing attack targeting a fantasy sports and betting website. He accessed 60,000 user accounts using stolen credentials, stealing approximately $600,000. Garrison surrendered to authorities and pleaded guilty. Two others were charged in connection with the scheme.
Key takeaways from the meeting notes:
– Joseph Garrison, 19, from Wisconsin, was sentenced to 18 months in prison for his involvement in a credential stuffing attack on a fantasy sports and betting website, targeting approximately 60,000 user accounts.
– The attack involved using username and password pairs from other data breaches to access accounts using the same passwords, with approximately $600,000 stolen from roughly 1,600 accounts.
– Garrison surrendered himself on the same day he was indicted and pleaded guilty in November 2023. Law enforcement found evidence including software for credential stuffing on his computer, 700 config files used by the credential stuffing programs, and 40 million username and password pairs.
– Conversations about the attack and monetization were found on Garrison’s phone.
– The Department of Justice announced charges against two other individuals involved in the scheme, Nathan Austad, 19, of Farmington, Minnesota, and Kamerin Stokes, 21, of Memphis, Tennessee.
Additionally, Garrison was sentenced to three years of supervised release, ordered to pay over $175,000 in forfeiture, and more than $1.3 million in restitution.
Related:
– Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
– Canadian Man Sentenced to Prison for Ransomware Attacks
– Russian TrickBot Malware Developer Sentenced to Prison in US