NEW YORK – A Malaysian man who was arrested at Kennedy Airport with some 120,000 credit card accounts on his laptop less than two hours after he entered the U.S. last year, was sentenced Friday to 10 years in jail for hacking into computer systems at the Federal Reserve and credit union processor FedComp.
Lin Mun Poo was under surveillance by the U.S. Secret Service and was seen trying to sell the stolen credit card data at a Brooklyn diner for $1,000 per card soon after his arrival. Prosecutors said Poo hacked his way into well-guarded computer systems at the Federal Reserve, credit union data processor FedComp, and numerous financial institutions, then sold the information he stole from the institutions.
“He was able to install a keystroke logger into the Federal Reserve Bank,” Assistant U.S. Attorney Cristina Posa, said at last week’s sentencing. “He could have wreaked financial havoc through insider trading.”
By allegedly hacking into the FedComp system, Poo had access to data of several credit unions, including Mercer County New Jersey Teachers FCU and Firemen’s Association of the State of New York FCU, according to prosecutors.
Poo pled guilty in April to access device fraud in connection with possessing stolen bank card and credit card numbers and admitted that he compromised a computer server belonging to the Federal Reserve Bank and installed a malicious software code onto that server.
Poo traveled to the U.S. on Oct. 21, 2010, to sell stolen credit card and bank card numbers but, unknown to him, the purchaser was an undercover Special Agent of the Secret Service. At the time of his arrest, Poo possessed more than 122,000 stolen bank card and credit card numbers in his heavily encrypted laptop computer and admitted that he hacked computers for money.
Poo’s computer also contained logs of “chats,” or online instant messaging communications, in which he discussed his business of obtaining and selling stolen bank account information to co-conspirators around the world, who would encode that information onto plastic cards for the purpose of making fraudulent ATM withdrawals and credit card purchases.
Poo’s cybercrime activities also extended to the national security sector – in 2010, he hacked into the computer system of a Department of Defense contractor that provides systems management services for military transport and other military operations, potentially compromising highly sensitive military logistics information.
