A New Jersey man has admitted he installed keyloggers and laptops on the networks of two companies and used them to steal data related to an emerging technology they were using.
According to documents filed in US District Court for New Jersey, Ankur Agarwal, 45, of Montville, New Jersey, physically trespassed on the properties of both companies.
He then installed hardware-based keyloggers that recorded the usernames and passwords of the companies’ employees. He also installed laptops in the companies’ networks that he used to remotely access the compromised employee accounts. Agarwal also used his unauthorized access at one of the companies to create a fraudulent employee badge that allowed him continued access to the company’s premises.
The New Jersey man created a programming script designed to exfiltrate data. He used it against multiple computers to steal more than 15,000 files relating to the companies’ emerging data, human resources data, employees’ personal information, and email. Among the multiple employees who were targeted were a chief network engineer officer and a network engineer. The crimes began in February 2017 and came to an end around April 2018, when network security employees for one of the companies detected the intrusion and began an investigation.
Agarwal pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft. He faces up to 12 years in prison and $750,000 in fines or twice the gain or loss of his offenses. He will also be required to pay restitution and to surrender computer gear. Sentencing is scheduled for January 28, 2019. A court document is here and a federal prosecutor release is here.