Hacker Who Attempted to Access Lowe's Computer System Sentenced

CHARLOTTE, N.C. (AP) - One of three Michigan men who tried to hack into the national computer system of the Lowe's home improvement chain to steal credit card information was sentenced Wednesday to nine years in federal prison.

The government described the prison term as the longest ever given in a computer crime case.

Brian Salcedo, of Whitmore Lake, Mich., pleaded guilty in August to conspiracy, transmitting computer code to cause damage to a computer, unauthorized computer access, and computer fraud.

Salcedo's 108-month sentence exceeds that given to well-known hacker Kevin Mitnick, who spent 68 months in prison according to a U.S. Justice Department Web site that tallies government cyber-crime prosecutions.

Mitnick led the FBI on a three-year manhunt that ended in 1995. He is said to have cost companies millions of dollars by stealing their software and altering computer information. Victims included Motorola, Novell, Nokia and Sun Microsystems.

In addition to Salcedo, two other men have been convicted in the Lowe's case. Adam Botbyl is scheduled to be sentenced Thursday; no date has been set for the sentencing of Adam Timmins.

In an interview with The Associated Press, federal prosecutor Matthew Martens said Salcedo sought access to data that could have caused huge economic losses for Lowe's and its customers.

``I think the massive amount of potential loss that these defendants could have imposed was astounding, so that's what caused us to seek a substantial sentence against Mr. Salcedo,'' he said.

The sentence was imposed by U.S. District Judge Lacy Thornburg.

Botbyl, of Waterford, Mich., has pleaded guilty to one count, conspiracy, with a recommendation that he serve three years, five months. He could have faced five years.

Charges against Timmins were dropped, and he pleaded guilty to a new charge of unauthorized access to a protected computer. Prosecutors said that may be the first conviction in the nation for ``wardriving.''

In wardriving, hackers search for vulnerable wireless Internet connections. The original indictment charged that Botbyl and Timmins drove around Southfield, Mich., in April 2003, searching for a vulnerable connection and using a laptop computer equipped with a wireless card and a wireless antenna.

In an indictment filed in Charlotte 13 months ago, federal prosecutors said the trio tapped into the wireless network of a Southfield Lowe's store, using that connection to enter the chain's central computer system in North Wilkesboro, N.C., and eventually to reach computer systems in Lowe's stores across the country.

Once inside the central Lowe's system, the men installed a program in the computer systems of several stores that was designed to capture credit card information from customers, the indictment said.

Lowe's officials said the men did not gain access to the company's national database and that they believe the security of customers' credit card information was never compromised.

Salcedo could have faced up to 25 years in prison. Prosecutors recommended that Salcedo serve about half that, 12 years and seven months, as part of his plea agreement.

The case was prosecuted in Charlotte because it is home to an FBI cyber-crime task force, Martens said.