Five employees from cybersecurity outfit Quadsys have admitted to hacking into a rival company’s servers.
The hack was apparently to nick customer data and pricing information and the top Quadsys managers have fessed up and pleaded guilty to hacking charges. Oxfordshire, UK-based Quadsys is a reseller of IT and cybersecurity products, hardware and services. The firm sells software from vendors including Websense, Checkpoint and F-Secure. Customers include Leeds United FC, South Tyne and Wear Primary Care Trust and Derry City Council.
The owner of Quadsys, Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend all appeared at Oxford Crown Court and admitted to “obtaining unauthorised access to computer materials to facilitate the commission of an offence”.
This could lead to up to 12 months testing the security bars of a prison.
In March 2015, the five men were arrested and then charged in August. The group were originally held on suspicion of conspiracy to commit computer misuse offences, unauthorised PC access and conspiracy to acquire and use criminal property — allegedly, the data belonging to customers of the rival company, as well as the firm’s pricing tiers.
However there are signs that they might not get the full weight of the law pressing upon them. The judge in charge of the case reduced the severity of the charges. All five pleaded not guilty to one count of “securing unauthorised access to computer material with intent,” which is against the UK Computer Misuse Act 1990.
After three plea and case hearings, an additional count of securing access to computer material without criminal intent was added to the list, of which Townsend pleaded guilty. Cox was also charged with blackmail, to which he pleaded not guilty.
They are due to be sentenced on 9 September. A second charge, obtaining unauthorised access to computer materials with intent to commit an offence, will also be heard.