PORTLAND, Ore.—Kristopher Ives, 33, of Portland, pleaded guilty today to fraud in connection with computers for illegally accessing the computer network and data of his former employer, Gearbox Studios, after being terminated.
According to court documents, in 2008, Ives began working as a computer programmer for Gearbox Studios, a Portland-based digital marketing agency. Ives eventually became Gearbox Studio’s lead programmer for server architecture and support, a position of trust with access to the computer networks and data of both the company and the company’s clients.
Between February and May 2015, after being terminated from his position, Ives illegally accessed Gearbox’s computers to steal and tamper with data. He used this data to attack Gearbox’s servers and various websites belonging to Gearbox customers. Ives deleted nearly 20,000 products from customer websites and changed prices for various items. Ives also stole names and credit card numbers from these Gearbox customer websites and threatened to release the information unless Gearbox made payment to a bitcoin address.
Ives faces a maximum sentence of 10 years in prison, a $250,000 fine and three years of supervised release. He will be sentenced on January 22, 2020 before U.S. District Court Judge Michael H. Simon.
As part of the plea agreement, Ives has agreed to pay restitution to his victims as ordered by the court.
This case was investigated by the FBI’s Oregon Cybercrime Task Force and is being prosecuted by Quinn P. Harrington, Assistant U.S. Attorney for the District of Oregon.
Any public or private entity suspecting a cyber intrusion or attack should contact the FBI through the Internet Crime Complaint Center at www.ic3.gov or by calling your nearest FBI office.