IT security worker who stole data and hacked business websites is jailed

An IT security worker who stole data and hacked websites from businesses across the UK has been jailed.

Craig Fox, 36, from Scholes Drive, Chadderton, appeared at Chester Crown Court on Friday 12 August after pleading guilty to two counts of blackmail, six counts of the Computer Misuse Act and three counts of fraud by false representation.

He was sentenced to five years imprisonment and was handed a 10 year Criminal Behaviour Order (CBO).

Fox must also pay a total of £190 in court costs.

The court heard how Fox targeted businesses linked with homeware and interior design up and down the country – the first taking place on 2 May 2021 where Fox posted a religious video to the website and prevented customers being able to access any products on the site.

Crucial website files were also deleted, causing significant financial damage to the business and emotional stress to the owners.

The second attack took place the next day on another similar company – but this time he sent emails from the business email account making false claims about the company.

The website was also defaced – stating Fox had access to all of the accounts and that if demands were not met he would release sensitive data to the public.
Communication data enquiries were made which led to an address on Marsland Road, Sale, Manchester.

Officers from the Cheshire Police Cyber Crime Team conducted a warrant at the address but following initial enquiries at the property there was no trace of any illegal activity.

However, after speaking to the occupant they revealed that their neighbour had previously asked to use their WiFi.

Further examination of the WiFi router found a device called ‘CraigLaptop’ had been previously been connected to it.

Officers knocked on the property and were provided access by a housemate of Fox.

Although Fox, who worked in IT security, was not home at the time, police secured a warrant to search his room.

During the search, a piece of paper with the WiFi code for the neighbouring house along with a charger for a Dell laptop.

However no mobile phone or laptop were found at the address so detectives set up an appointment to speak with Fox. He stated he had been loaning a phone which he had since returned and that he didn’t own a laptop.

He was subsequently arrested and further enquiries revealed his laptop was at an office in Manchester which was seized, examined and found to contain key evidence. Fox was subsequently released under investigation.

During the subsequent investigation it was ascertained that Fox had hacked several other businesses claiming he had ‘exposed weaknesses’ in their IT security.

He even asked donations for the ‘work’ he had carried out, providing bank account details which later financial checks revealed were assigned to his bank account.

Fox was later summonsed to court in relation to the offences was found to have committed.

Detective Sergeant Dave MacFarlane, who led the investigation, said: “Fox thought he could hide his exploits by claiming not to own a laptop or even a personal phone yet was blatant enough to use his own name on correspondence with effected businesses.

“This was a complex case and I would like to thank the victims and witnesses without whom this result would not have been possible. I would also like to thank the courts for passing down the sentence that they have to Fox.

“I hope that this case acts as a deterrent and shows how we are relentless in our pursuit of criminals and will not stop until justice is served.”