Michigan Man Arrested for Selling Stolen Information the Darkweb

~2 min read | Published on 2020-06-22, tagged DarkWebGeneral-News using 458 words.

Authorities arrested and charged a Michigan man for allegedly hacking the human resource database of a medical center, stealing the personally identifiable information of more than 65,000 employees, and selling the stolen data on the darkweb.
According to court records, Justin Sean Johnson, 29, hacked the human resource databases of the University of Pittsburgh Medical Center (UPMC) in late 2013 and early 2014. He used his access to steal names of employees, Social Security numbers, addresses, employment statuses, and W-2 information. Johnson allegedly sold the stolen information on the darkweb. According to court records, customers filed false tax returns and claimed tax refunds.
[img=]Johnson Worked for FEMA According to His Facebook and LinkedIn Profiles[/img]
The 43-count indictment alleges that Johnson first hacked into the HR database of UPMC on December 1, 2013. He stole the personal information of more than 23,500 UPMC employees during the first breach. Johnson then hacked into the UPMC HR database regularly between January 21, 2014, and February 24, 2014, and stole the information of thousands of UPMC employees.

Between December 11, 2013, and April 12, 2014, Johnson allegedly listed the stolen information on the Evolution darkweb marketplace. Johnson allegedly operated under the aliases “DearthStar” and “TheDearthStar." An example of a listing from TheDearthStar is copied below:
US identity Fullz + 2013 W-2 [Pack of 10]

Description $3 each Name Address City State Zip SSN DOB Federal State/City W-2 Information (includes employer EIN and address) Provided but unverified data: Marital Status

!!!The majority of this listing will originate from Pennsylvania!!!

Johnson deposited his earnings into an account with Coinbase. The deposits allegedly amounted to more than $8,000.
The buyers of the stolen information sold by Johnson reportedly filed more than 1,300 false income tax returns between January and March 2014. The filers then claimed more than $1.7 million in unauthorized tax refunds.
U.S. Attorney Brady:
Justin Johnson stands accused of stealing the names, Social Security numbers, addresses and salary information of every employee of Pennsylvania’s largest health care system. After his hack, Johnson then sold UPMC employees’ PII to buyers around the world on dark web marketplaces, who in turn engaged in massive campaign of further scams and theft. His theft left over 65,000 victims vulnerable to years of potential financial fraud. Hackers like Johnson should know that our office will pursue you relentlessly until you are in custody and held accountable for your crimes.

The indictment alleges that after the UPMC hack in 2014, Johnson continued to hack companies and sell stolen information on darkweb marketplaces. Investigators believe he operated vendor accounts through 2017.
On May 20, 2020, Johnson was indicted by a federal grand jury in Pittsburgh for conspiracy, wire fraud and aggravated identity theft charges. He was arrested on June 16 in Detroit.
United States of America vs. Justin Sean Johnson 43-Count Indictment pdf html

Comments (12)


coinbase again!.... WAs he paying directly from the market to his coinbase account?


coinbase is always the reason.........

Fast Bucks From Lost Schmucks2020-06-24

Deena Wilber you spammed this comments section! Your whole spiel sounds like a fuckin' scam, ma'am. Playing on the desperation of script kiddie scum.

Sandor Vespai2020-06-24

Deena, take a long look in the mirror: you're as desperate as the marks you sucker. But karma is a bitch...

Curious In Seattle2020-06-24

Does anyone know what happened to that hospital records hack in Virginia several years ago? It made the news cuz there was a very aggressive ransom note. They paid up I think but did the perps get away?? Any info would be appreciated. http://voices.washingtonpost.com/securityfix/2009/05/hackers_break_into_virginia_he.html


deena if you keep spamming this shit you are going to regret it


Do people not use Monero? It's always something with coinbase

jesus fuck2020-07-01

Jesus uck, unsubscribe!


What a fucking dweeb


The law provides for a maximum sentence of five years in prison and a fine of not more than $250,000 for the conspiracy to defraud the United States; 20 years in prison and a fine of not more than $250,000 for each count of wire fraud, and a mandatory 24 months in prison and a fine of not more than $250,000 for each count of aggravated identity theft. Under the Federal Sentencing Guidelines, the actual sentence imposed is based upon the seriousness of the offenses and the criminal history, if any, of the defendant. YIKES

MySpace Tom2021-10-24

coinbase account and dry snitching on himself on Facebook... as long as the low hanging fruit is out there still doing dumb shit, the rest of us have less to worry about...


don't forget used iOS too!