The former managing director of an online jobs board was caught stealing personal details of oil and gas workers in a FBI sting.
Kevin Forbes, from Aberdeen, set up OilandGasPeople.com in 2009, a website that solicits job seekers to upload their CVs.
But he was caught in a federal crackdown on cyber crime when he unknowingly met an uncover law enforcement agent at a New York hotel and bragged about being able to access privileged information.
He logged into a virtual private network and accessed information related to resumes, subscribers and employees who had uploaded information to an online database.
He then tried to flog the details for $250,000.
Forbes was arrested in February 2017 and was later charged with criminal access of a protected computer without authorization.
He entered a plea agreement with a New York court in May in order to try and get a more lenient sentence.
Judge Kevin Castel sentenced Forbes to 18 months in a low-security United States federal prison.
He was also fined more than $500,000 in compensation. He will be on three years supervised release.
According to court documents, compiled by an FBI agent cyber security specialist, a confidential source tipped off the authorities to Forbes’ illicit internet activity.
The document states that Forbes told a source that he had downloaded 450,000 resumes and a spreadsheet with details on 800 customers.
On February 23 Forbes went to a Manhattan hotel and met an undercover FBI agent.
He told the agent and the informant that he could continue to obtain stolen resumes and data for a joint venture to create a new online job board similar to the one he already ran.
Forbes later told the meeting “You can get into every client account”.
In his sentencing letter, Judge Castel said: “The defendant offered to sell the resumes and customer data to the confidential source (CS) for approximately $250,000.
“On or about February 23, 2017, the CS and an undercover law enforcement agent (the “UC”) met with the defendant at a hotel in New York, NY, where the defendant used a laptop computer to log into a virtual private network and access Victim-1’s company database.
“During the meeting, the defendant demonstrated his ability to view information related to resumes, subscribers, and employees who had uploaded information to Victim-1’s database, including the usernames and passwords for subscribers. The defendant was arrested on February 24, 2017.”
OilandGasPeople.com has been contacted for comment as has the UK Foreign and Commonwealth Office.