HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

3 Year Jail Term for UK Man Linked to The Dark Overlord Hacking Group

A man linked to the hacking group TheDarkOverlord has been sentenced to serve three years in jail for fraud and blackmail offenses, although not for any cyberattacks or extortion attempts related to the The Dark Overlord gang.

Nathan Wyatt, 36, from Wellingborough, England, known online as the Crafty Cockney, pleaded guilty to 20 counts of fraud by false representation, a further two counts of blackmail, and one count of possession of a false identity document with intent to deceive.

Last week, at Southwark Crown Court, Wyatt was sentenced to serve three years in jail by Judge Martin Griffiths. At the sentencing hearing, Judge Griffiths suggested Wyatt was responsible for many more crimes other than those pursued via the courts. Some of those offenses are related to the TheDarkOverlord.

In September last year, Wyatt was arrested for attempting to broker the sale of photographs of Pippa Middleton, which had been obtained from a hack of her iPhone. Pippa Middleton is the sister of the Duchess of Cambridge. The charges in relation to that incident were dropped and Wyatt maintains he was not responsible for the hack.

Please see the HIPAA Journal Privacy Policy

3 Steps To HIPAA Compliance

Please see HIPAA Journal
privacy policy

  • Step 1 : Download Checklist.
  • Step 2 : Review Your Business.
  • Step 3 : Get Compliant!

The HIPAA Journal compliance checklist provides the top priorities for your organization to become fully HIPAA compliant.

During the course of that investigation, Wyatt’s computer was seized. An analysis of the device revealed he had been involved in other crimes. Initially, Wyatt was arrested for using a false identity document and fraud offenses in January this year, and was arrested a second time in March for blackmail offenses.

Police discovered that Wyatt had used stolen credentials to apply for a payment card, although the application was denied. Wyatt had also used his deceased step father’s credit card to make a string of online purchases, including purchases of computer games and mobile phones. Wyatt racked up debts in the region of £4,750 on the card, according to the Northamptonshire Telegraph.

An extortion attempt saw Wyatt use the name “The Dark Overlords” on a ransom demand in which he attempted to obtain a payment of €10,000 in Bitcoin from a UK legal firm. Wyatt stole around 10,000 files from the unnamed Humberside law firm using malware to gain access to the files on the law firm’s server.

In that extortion attempt, Wyatt said that he was planning to sell the stolen files to buyers in Russia and China if the ransom demand wasn’t paid. The files included scans of driver’s licenses and passports. It is unclear whether Wyatt hacked the law firm or if he used stolen credentials to gain access to its system to install malware.

Wyatt’s partner, Kelly Walker, 35, was also arrested and charged with handling stolen goods and encouraging or assisting offenses, but she was acquitted when prosecutors failed to provide any evidence to support the charges.

It is unclear whether Wyatt was a core member of the Dark Overlord hacking group, a fringe player, or if he was a copycat that used the group’s name. Dissent from Databreaches.net pointed out in a recent blog post that Wyatt was allegedly supposed to make a call to one of the Dark Overlord’s victims in Georgia to put pressure on the clinic to pay the ransom demand. Wyatt was also allegedly responsible for opening back accounts in the UK on behalf of the Dark Overlord to take payments sent from hacking victims in the United States.

Wyatt is likely to be released in 18 months. In the UK, prisoners serving between 1 and 4-year jail terms are usually released after they have served half of their sentence, with the rest of the sentence served on probation. Wyatt has not been charged for any offenses in the United States.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.