A Northamptonshire man who was a member of a hacking group which stole hospital patients’ records and Netflix shows has been sentenced to five years in prison in the US.
The Dark Overlord (TDO) hacking group stole data from a range of organisations, and demanded huge ransoms for its return.
Wyatt contacted victims to ask for payments, and was caught via a telephone number linking him to this.
The rest of the group remains at large.
It is unclear how many members there are.
Wyatt was arrested in 2017 in the UK and extradited to the US in December 2019. He had previously been investigated for hacking the iCloud account of Pippa Middleton, the sister of the Duchess of Cambridge, but was released with no further action taken.
The 39-year-old pleaded guilty in a federal court in St Louis to charges of identity theft and computer fraud. During the hearing, held via Zoom, he apologised and reportedly said that he never wanted to see another computer for the rest of his life.
He admitted that the group had obtained sensitive data from companies, and threatened to release the data unless the companies paid a ransom of between $75,000 (£58,000) and $350,000. No companies paid up, but he was ordered to pay £1.1m in compensation.
Acting US Assistant Attorney General Brian C Rabbitt said: “Nathan Wyatt used his technical skills to prey on Americans’ private data and exploited the sensitive nature of their medical and financial records for his own personal gain”.
The crimes the TDO has claimed responsibility for include:
- hacking three healthcare organisations and selling more than 650,000 patient records on the dark web
- hacking Netflix and leaking episodes of Orange is the New Black
- selling more than 9.3 million patient records from an unnamed healthcare insurance provider