3 admit hacking into Lowe's computer
Men conspired to steal credit card information, authorities say
The Associated Press
Updated: 4:17 p.m. ET Aug. 5, 2004
CHARLOTTE, N.C. - Three Michigan men have pleaded guilty to charges that they conspired to hack into the national computer system of the Lowe's home improvement chain to steal credit card information, federal authorities said Wednesday.
Under plea agreements, Brian Salcedo, Adam Botbyl and Paul Timmins pleaded guilty to just handful of the 16 charges each man originally faced, the U.S. Attorney's office said.
Under a plea agreement, Salcedo, of Whitmore Lake, Mich., pleaded guilty to four counts: conspiracy; transmitting computer code to cause damage to a computer; unauthorized computer access; and computer fraud.
The charges carry a maximum penalty of 25 years in prison. Under terms of the agreement, prosecutors will recommend that Salcedo serve about half that, 12 years and seven months.
Botbyl, of Waterford, Mich., pleaded guilty to one count, conspiracy, with a recommendation that he serve three years, five months. He could have faced five years.
Charges against Timmins were dropped, and he pleaded guilty instead to a new charge of unauthorized access to a protected computer. Prosecutors said that may be the first conviction in the nation for "wardriving."
In wardriving, hackers search for vulnerable wireless Internet connections. The original indictment charged that Botbyl and Timmins drove around Southfield, Mich., in April 2003, searching for a vulnerable connection, "using a laptop computer equipped with a wireless card and a wireless antenna."
In an indictment handed up in Charlotte in November, federal prosecutors said the trio accessed the wireless network of a Southfield Lowe's store, using that connection to enter the chain's central computer system in North Wilkesboro, N.C., and eventually to reach computer systems in Lowe's stores across the country.
Once inside the central Lowe's system, the men installed a program in the computer systems of several stores that was designed to capture credit card information from customers, the indictment said.
Lowe's officials said the men did not gain access to the company's national database and that they believed all customers' credit card information was secure.