SAN JOSE &emdash; United States Attorney Kevin V. Ryan announced that William Carl Shea, 39, of San Jose, California, was sentenced late yesterday to 12 months and 1 day in prison, 6 months of home confinement with electronic monitoring, and three years of supervised release for his jury conviction for placing a computer "time bomb" on his employer's network that corrupted over 57,000 company records. Shea was the former Program Manager of a Silicon Valley-based debt collection company, Bay Area Credit Services, Inc. In San Jose. On September 7, 2005, a jury convicted the defendant following a six-day trial and about two hours of deliberation.As the condition of supervised release, the defendant was ordered not to possess or use a computer with Internet access without the prior approval of the probation officer. U.S. District Court Judge Ronald M. Whyte sentenced the defendant.
According to the indictment and evidence introduced at trial, Mr. Shea placed malicious computer code on the network of the Bay Area Credit Services, Inc. in San Jose that caused the deletion and modification of financial records and disruption of the proper functioning of the computer network. More than 50,000 debtor accounts were ultimately affected by the operation of the code before it was stopped.
Evidence presented at trial showed that Mr. Shea was hired around August 2001 as a programmer and manager of the company's specialized financial software computer network. In this position, Mr. Shea had administrative level access to and familiarity with the company's computer systems, including the database server. After Mr. Shea was advised of adverse employment issues near the end of 2002, he was placed on a performance improvement plan on January 6, 2003. The evidence showed that a "time bomb" was placed onto the company's network around that time. When the defendant failed to show up at work without any prior notice on January 17, 2003, he was terminated. Company officials did not know at the time that he had placed malicious code on the computer network that was set to delete and modify data at the end of the month.
After the code corrupted financial records, investigators and others traced the access and modification of the time bomb to the defendant. Each point of access was through one of the defendant's accounts. The malicious code was written to delete the source code but officials eventually found a copy on a backup tape, which further confirmed Mr. Shea's involvement. Evidence was also presented that Mr. Shea deleted computer records concerning his command history of access to the time bomb.
Defendant Shea was ordered to surrender into federal custody on August 22, 2006. He was charged with intentionally causing damage to a computer in violation of 18 U.S.C. ¤¤ 1030(a)(5)(A)(I) & 1030(a)(5)(B)(I) and 1030(c)(4)(A).
The prosecution is the result of an investigation by the Federal Bureau of Investigation's Cyber Crime Squad in Oakland. The investigation was overseen by the Computer Hacking and Intellectual Property (CHIP) Unit of the United States Attorney's Office for the Northern District of California. Mark L. Krotoski is the Assistant U.S. Attorney from the CHIP Unit who is prosecuting the case.
A copy of this press release and related court filings may be found on the U.S. Attorney's Office's website at www.usdoj.gov/usao/can.
Electronic court filings and further procedural and docket information are available at https://ecf.cand.uscourts.gov/cgi-bin/login.plhttps://ecf.cand.uscourts.gov/.
Judges' calendars with schedules for upcoming court hearings can be viewed on the court's website at www.cand.uscourts.gov.
All press inquiries to the U.S. Attorney's Office should be directed to Luke Macaulay at (415) 436-6757 or by email at Luke.Macaulay@usdoj.gov.