August 5, 2005 4:32 PM PDT
Verdict expected soon in Acxiom hack case
Scott Levine, the 46-year-old former chief executive of a bulk e-mail service called Snipermail.com, has been on trial in the U.S. District Court in Little Rock, Ark., for the last four weeks. The U.S. Department of Justice last year called the alleged act one of "the largest cases of intrusion of personal data to date."
Court documents allege that Levine and at least one co-conspirator illegally downloaded thousands of files from servers owned by Acxiom, a Little Rock-based company that stores data from major credit card issuers, retailers, banks and the government.
Shortly before the trial began on July 11, the government reduced from 144 to 138, the number of counts with which Levine was charged, all related to computer crime. The six dropped charges involved "files that had no data in them," U.S. Attorney Bud Cummins said Friday. "We decided not to quibble over that."
The most serious of the charges against Levine--obstruction of justice--carries a sentence of up to 20 years. The other counts, which range from money laundering to unauthorized access of a protected computer, carry possible sentences of five to 10 years, according to court documents.
The trial has lasted 15 days, stretched across four weeks. A court official speaking on background said closing arguments will likely come on Monday or Tuesday. Both sides agreed at the outset that no proceedings would occur on Fridays.
Throughout the trial, neither side has disputed that information from Acxiom's database somehow ended up in Snipermail's system. The dispute has centered on who was responsible.
The defense has suggested that Levine was framed by employees who wanted to take over the company. As of Thursday, Miami-based defense attorney David Garvin had called eight witnesses, including Levine's wife and stepchildren. The defense has not officially rested its case and could bring forward additional witnesses when the trial resumes Monday. Garvin's office did not return calls on Friday.
Federal prosecutors have put 24 witnesses on the stand. They opened with several former Snipermail employees who entered into plea agreements but may later face charges. FBI and Secret Service investigators, Acxiom employees and an expert witness also have testified. The expert witness, Tom Hiller, who is president of an information management consulting firm in Nebraska, estimated that 1.6 billion records could have been stolen.
Cummins said he hadn't found anyone who could point to a larger theft in history. He was quick to add, "We have diligently monitored every way we know how, and we have not detected any use of that data for identity fraud or credit card fraud."
The information was used for commercial resale only, Cummins said, "and it was resold a very limited number of times."
According to the indictment, the alleged illicit activity began in early 2003, when Levine, working with one or more conspirators, used an unlawfully obtained password to download records from Acxiom containing names, physical addresses, e-mail addresses and other data. By June, the company had begun merging Acxiom's data with its own system, the indictment charged.
Acxiom has admitted there was a vulnerability that fell below its standards and apologized to its clients, Cummins said. "What happened here was a criminal act," he added. "It can't be tossed off because somebody didn't create as secure a system as they might have."CNET News.com's Declan McCullagh contributed to this report.