An employee of America Online Inc. (AOL) was arrested Wednesday for stealing AOL user screen names and selling them to an unsolicited commercial (spam) e-mail operation, AOL said in a statement.
AOL said it discovered the screen name thefts and passed the information on to federal law enforcement agencies, leading to the arrest. AOL has fired the employee, it said in the statement, and is committed to his full prosecution.
No member credit card or password information was compromised, AOL said.
U.S. media reports said that the number of screen names stolen totalled 92 million [M], and that the e-mail spammer had also been arrested. The AOL employee received over $100,000 for the list of names, media said.
The pair face up to five years in jail and heavy fines if convicted under the U.S.'s new Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, which came into effect at the beginning of 2004.
In the statement, AOL said it is reviewing and strengthening its internal procedures as a result of this investigation and arrest.
The incident comes the day after AOL, along with Yahoo Inc., Microsoft Corp., and EarthLink Inc., forming the Anti-Spam Technical Alliance, released a set of recommendations for eliminating spam.
Sign up to receive Security Resource Alerts
A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.
Download now! »
Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.
Download now! »
This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.
View now! »
Recommend This
