IT manager sentenced to prison in hacking case

An Orange, Calif., IT manager who earlier pled guilty to hacking into his previous employer's computer network was sentenced Monday to five months in prison, the U.S. Attorney's Office said Tuesday.

According to a plea agreement dated Aug. 30, 2004, Mark Erfurt broke into the computer systems of Santa Clara, Calif.'s Manufacturing Electronic Sales (MESC) on Jan. 23 and 24 of 2003. During that time, he deleted data, read e-mail, and downloaded a proprietary database from the network using the PC Anywhere remote control software, the agreement said.

Erfurt also pled guilty to obstructing justice during the FBI's subsequent investigation by overwriting backup tapes that contained evidence of the break-in, the agreement said.

In addition to the five-month prison term, Erfurt was also sentenced to five months of home detention and three months of supervised release. He was also ordered to pay $45,000 in restitution. Erfurt could have been sentenced to a maximum of 5 years imprisonment for the break-in, as well as 20 years for obstruction of justice, the U.S. Attorney said.

"We hope that cases like this send a message that hacking into the computer network of your former employer is not an HR (human resources) issue," said Christopher Sonderby, chief of the U.S. Department of Justice's Computer Hacking and Intellectual Property unit. "It is a federal crime that could subject you to imprisonment."

At the time of the break-in, Erfurt was an employee of an MESC competitor, Centaur, based in Irvine, Calif. He remains an employee at the company, Centaur CEO Bruce Cahill confirmed Tuesday.

"This was a private individual that happened to use a computer system at our office," Cahill said. "We're not involved in this."

MESC could not be reached for comment on this story.

The IDG News Service is a Network World affiliate.