Brisbane man arrested for using stolen data to commit widespread fraud
A Brisbane man has been charged with buying stolen personal identification data online and defrauding hundreds of victims out of tens of thousands of dollars.
The Woolloongabba man, 25, was arrested by the AFP at his home on 27 October and appeared before Brisbane Magistrates Court on 28 October to face eight charges.
AFP Cybercrime Operations launched an investigation in March 2021 into the Brisbane man’s use of an online platform selling stolen identification information.
AFP Commander Cybercrime Operations Chris Goldsmid said it would be alleged the man was linked to an account which he had allegedly used to buy stolen identification information.
He allegedly used the stolen identification information to make online purchases, create fraudulent bank accounts and gain unauthorised access to victims’ bank accounts, Commander Goldsmid said.
During the search warrant, several electronic devices, including two mobile phones and several electronic storage devices, were seized. The seized items are subject to ongoing forensic examination and further charges may be laid.
Commander Goldsmid urged consumers to update personal details if any platforms or websites they visited had been compromised.
“Your personal information is becoming more valuable to criminals online,’’ Commander Goldsmid said.
“Previously, Cybercrime was the domain only highly-skilled offenders, however cybercriminals can now operate at all levels of technical ability, and the tools they employ are easily accessible online.”
“While in the past criminals had to break into your home to steal your possessions or money. Now, cybercriminals can be thousands of miles away but still able to reach into your wallet.”
“Australians work hard for their money. We must not make it easy for criminals to take it away.”
“If a service you use - be it a social media platform, business you’ve shopped at before or loyalty programs - has suffered from a data breach, then you need to be proactive and update your details.
“Using different passwords for all services and enabling two-factor authentication on your accounts will help keep you better protected.”
The man was charged with:
- Seven counts of unauthorised access to restricted data, contrary to section 478.1(1) of the Criminal Code Act 1995 (Cth); and
- One count of possessing data with the intent to commit a computer offence, contrary to section 478.3(1) of the Criminal Code Act 1995 (Cth)
Two-factor authentication is an extra layer of security some platforms support requiring a code or text message in addition to your username and password to access a service.
The stolen information does not relate to current AFP investigations into breaches of data against Optus, Medibank Private or MyDeal.