An Indian-origin man of Morris County, New Jersey, was sentenced today (Sept. 1, 2020) to 94 months in prison for carrying out a sophisticated computer hacking scheme that targeted two companies in New Jersey, U.S. Attorney Craig Carpenito announced.
Ankur Agarwal, 45, of Montville, New Jersey, previously pleaded guilty before U.S. District Judge Susan D. Wigenton in Newark federal court to two counts of obtaining information from computers and one count of aggravated identity theft. Judge Wigenton imposed the sentence today. In addition to the prison term, the judge sentenced Agarwal to three years of supervised release and fined him $25,000.
Agarwal admitted that he physically trespassed onto a company’s premises in New Jersey (Company One), according to documents filed in this case and statements made in court, which are laid out in the press release from the U.S. Attorney’s Office, District of New Jersey.
Starting February 2017, Agarwal illegally installed hardware key-logger devices onto Company One’s computers. The key-logger devices covertly recorded the keystrokes of the company’s employees and gave Agarwal their usernames and passwords.
He also secretly installed his personal computer and a hard drive onto the company’s computer network.
Using the stolen logon credentials of company employees, Agarwal hacked into the company’s computer network and targeted various employees, including employees developing an emerging technology.
Agarwal admitted that he stole, transferred, and exfiltrated Company One’s data and information, including its emerging technology. He also created a malicious computer code designed to exfiltrate data, installed it on the company’s computer systems, and executed the code to steal and transfer data to himself.
He also admitted that he hacked into, targeted, and stole data and information from a second company in New Jersey (Company Two), using the same general scheme,
First physically trespassing onto Company Two’s premises, he installed hardware key-logger devices onto the company’s computers, installed his personal computer and a hard drive onto the company’s computer network, and stole, transferred, and exfiltrated Company Two’s data and information, including an emerging technology that Company Two was developing.
In addition, Agarwal also obtained unauthorized access into an employee’s computer system at Company 2, and then created an access badge for himself. This fraudulently access badge allowed Agarwal to physically trespass onto Company Two’s premises.