Houston Woman Admits to Accessing Computer of Former Employer
HOUSTON – A 54-year-old Houston resident has entered a guilty plea to accessing a protected computer without authorization, announced Acting U.S. Attorney Abe Martinez. Velvet Smith admitted she had accessed the password-protected website of Next Day Four Color (ND4C), her former employer, at least 20 times to steal information that she used to benefit a competitor.
Smith worked for ND4C for four years. Part of her duties included serving as ND4C’s office manager, in which she helped new employees create accounts for ND4C’s website and had access to their login credentials.
In approximately January 2015, she resigned from ND4C and started working for one of its competitors. She then repeatedly accessed ND4C’s password-protected website without authorization and obtained confidential information on pricing and client orders. Smith also intruded into ND4C’s password-protected website by using an employee’s login credentials without their knowledge or permission. As part of her plea today, she admitted this occurred approximately 20 times in 2016.
On one of those occasions, May 31, 2016, Smith used that employee’s credentials to intrude into ND4C’s website and view their client list. Smith sorted the list by location to focus on clients in Houston, Dallas and Louisiana, then sorted it by purchase size and downloaded the list. She subsequently combined this data with information about her then-employer’s existing customers. According to Smith, the combined list was used by her then-employer to send out promotional materials to at least 1,300 of ND4C’s clients.
Smith continued accessing ND4C’s website without authorization until at least July 2016.
According to information presented in court today, Smith accessed ND4C’s computers for the purpose of obtaining a commercial advantage and that her actions caused an actual loss of approximately $275,810.
Sentencing has been set for June 15, 2017, at which time Smith faces up to five years in federal prison and a $250,000 maximum fine.
The FBI Houston Area Cyber Task Force conducted the investigation. Assistant U.S. Attorney Michael Chu is prosecuting the case.