A North Carolina man was sentenced to over 10 years in prison for selling personal information of more than 7 million elderly Americans to Jamaican scam operators.
The defendant obtained the sensitive data through his access to a database and systematically sold it to criminal networks operating out of Jamaica. The scheme targeted vulnerable senior citizens whose information was subsequently used in fraud and theft operations.
Federal prosecutors demonstrated that the defendant knowingly facilitated the compromise of millions of Americans' personal records, enabling downstream scams that victimized elderly populations. The sale of this data directly enabled criminal activity targeting some of the most vulnerable members of the population.
This case reflects broader concerns about data security and insider threats within organizations that maintain sensitive personal information. Employees with database access remain a significant vulnerability, particularly when financial incentives exist to exploit that access.
The sentencing carries substantial prison time and reflects the severity with which federal courts treat the sale of personal data to criminal enterprises. Prosecutors emphasized the scale of the breach and the nature of the victims—elderly Americans targeted by international scam rings—in seeking a lengthy sentence.
The Jamaican scam operations that received the data have been the subject of ongoing law enforcement investigations. Data brokers and criminal networks operating from Jamaica have been linked to numerous schemes defrauding American seniors out of hundreds of millions of dollars annually.
This prosecution highlights the consequences of enabling cybercrime through data sales. It also underscores vulnerabilities in how personal information is protected within organizations that hold such data. The case joins a growing number of prosecutions targeting individuals who sell or leak sensitive personal information to criminal actors.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.