Zammis Clark, a 24-year-old security researcher, claimed to have hacked into a Microsoft and Nintendo server to steal confidential information.
Clark, known as Slipstream or Raylee in cyberspace, was sentenced for various violations of computer use at London Crown Court. And he pleaded guilty to hacking Microsoft and Nintendo networks.
The Prosecutor revealed that Clark had access to the Microsoft server on January 24, 2017 using an internal username and password. After logging in, he uploaded a web shell to access Microsoft’s network remotely for at least three weeks.
He made Nintendo’s internal network the next target. He has access to a Virtual Private Network (VPN) and uses the same software to break down Nintendo’s network.
From there he got access to the Nintendo server which kept very secret game development files. That is the development code for games that have not been released.
He successfully stole 2,365 usernames and passwords before Nintendo finally realized the burglary in May 2018. Nintendo estimates that the losses suffered reached USD 913 thousand to USD 1.8 million, smaller than the estimated loss of Microsoft which reached USD 2 million.
As a result of this act Clark was sentenced to 15 months in prison, which he had lived for 18 months. This means that he will not be jailed again after receiving a court ruling.
However, he was charged with a rule called Serious Crime Prevention Order which allowed him to be sentenced to five years’ imprisonment and unlimited fines if he repeated his mistake.
Clark was previously an employee at a cyber security company called Malwarebytes, precisely when he hacked into the Microsoft network. He had previously been warned by the British Police after he was arrested for involvement in data theft in a children’s toy maker company named Vtech in 2015.
In the hack Clark accessed millions of Vtech user accounts, including accounts belonging to minors. Account data includes names, other dates, profile photos, and even the user’s address.
He admitted that if he was involved in Vtech entrapment, the company did not want to pass the matter to the table, which made Clark free from punishment. Vtech itself was later subjected to a fine of USD 650 thousand for violating the privacy of minors.