March 13, 2015

Arvada Man Sentenced to 30 Months in Federal Prison for Hacking into Computer System of His Former Employer

DENVER—Blake Douglas Snowden, age 44, of Arvada, Colorado, was sentenced yesterday by U.S. District Court Judge Christine M. Arguello to serve 30 months in federal prison, followed by three years of supervised release for unauthorized access to a protected computer and unauthorized interception of an electronic communication, the U.S. Attorney’s Office and the Federal Bureau of Investigation (FBI) announced. Snowden was also ordered to pay restitution of $25,354 to Onyx Healthcare, Inc., his former employer and the company whose computer and e-mail he hacked. Judge Arguello found that the total loss Snowden caused to Onyx Healthcare was $1,697,471.76. The defendant, who appeared at the sentencing hearing free on bond, was ordered to report to a Bureau of Prisons facility within 30 days of designation.

Snowden, no relation to the infamous Edward Snowden, was indicted by a federal grand jury in Denver on November 20, 2013. He pled guilty before Judge Arguello on May 28, 2014. He was sentenced on March 12, 2015. The issue regarding loss took substantial time to resolve, explaining the nearly one year between guilty plea and sentencing.

According to the stipulated facts contained in the plea agreement, Snowden worked as a sales employee for Onyx MD, which is a Colorado company headquartered in Denver, Colorado. Onyx provides physician staffing services nationwide with their primary focus being temporary placement of physicians. The company uses a password-protected third-party web-based software application for customer relationship management. The web-based software is also used for numerous business functions, including employees accessing their e-mail, reviewing calendar events and tasks, and accessing client and prospective client records.

In September 2011, Onyx noticed that its Development Director’s account was setup to forward copies of his e-mail messages to another e-mail address outside of the company. He had not configured that setting. It was later determined that three other Onyx executives also had copies of their e-mails rerouted without their permission. An investigation was initiated by the FBI after the executives determined that an intruder had not only rerouted copies of executives’ e-mails, but also accessed a proprietary company database that contained physician and client information. Of the information illegally accessed, ninety percent (90%) of the candidate physician profiles were surgeons.

Agents determined that the intruder masqueraded the true IP address. However, follow up determined that the intruder used a Qwest IP address affiliated with Snowden’s residence in Arvada, Colorado. Snowden had also used an IP address located in Kremmling, Colorado, where he owned or was associated with another residential property. The investigation then began to target Blake Snowden who was a sales employee at Onyx who primarily focused on recruitment and placement of surgeons until his employment was terminated on August 30, 2010.

In 2011 Snowden started to work for an affiliate of All Star Recruiting, Inc., a Florida-based physician recruiting company that competed with Onyx in the temporary placement of physicians market. On December 15, 2011, a search warrant was executed at Snowden’s Arvada residence. During the execution of the warrant, digital evidence, namely two laptops and removable storage media, were found. Numerous Microsoft Word documents, e-mails and recorded conversations were found on the electronic media seized from his residence. These files found on the laptops revealed that the defendant had obtained passwords that enabled him to fully access the Onyx web-based software beginning in March 2011 through September 2011. Further investigation into various e-mail accounts controlled by Snowden revealed that he had intercepted approximately 19,502 unique e-mail messages that had been sent to Onyx’s executives during that timeframe.

“Hacking into a secure computer system is a federal crime that can lead to significant federal prison time,” said U.S. Attorney John Walsh. “The prison sentence handed down by Judge Arguello reflects the particularly malicious nature of the criminal conduct in this case, in which the defendant hacked with intent to harm a company and its employees.”

“A personal vendetta against a former employer turned into a criminal act,” said FBI Denver Special Agent in Charge Thomas Ravenelle. “In this instance, the defendant was able to inflict great damage to the victim company by accessing and taking information from the database system that is pivotal to the victim’s business operations. This was done to gain an unfair competitive advantage. This behavior was aggravated by the defendant’s complete disregard for the privacy of several employees at the victim company by intercepting and accessing their e-mail communications. Regardless of motivation, the FBI is committed to tracking down cybercriminals who launch such malicious, targeted attacks.”

This case was investigated by the FBI’s Cyber Squad.

The defendant was prosecuted by Assistant U.S. Attorney David Tonini.