Cameron Lacroix, 25, of New Bedford, exploited a website vulnerability in February 2013 to create accounts and disable a security measure at Zendesk, which provides support to the Twitter microblogging service and other companies, U.S. Attorney Melinda Haag in San Francisco said in an e-mail today.
That enabled him to access 1 million support tickets for Twitter and take control of the Twitter accounts of Jeep and a company prosecutors called “Corporation A” in charging documents filed today in federal court in San Jose, California. Lacroix defaced the companies’ Twitter accounts with text and pictures, including falsely posting on Corporation A’s feed that it had been sold to its chief competitor.
More on Cybersecurity:
Lacroix was charged with one count of intentionally damaging a protected computer. He pleaded guilty last month to hacking into computer networks, including those belonging to law enforcement agencies and a community college, in a separate case in Massachusetts, the Federal Bureau of Investigation said June 23.
Lacroix is expected to appear in federal court in Massachusetts on Aug. 8, with sentencing in that case set for October. He is free on a $50,000 bond, Haag said.
Behzad Mirhashem, an attorney at the federal public defender office in Boston who represents Lacroix, didn’t immediately respond to an e-mail seeking comment on the California case after regular business hours.
Twitter and Zendesk are based in San Francisco.
The California case is USA v. Lacroix, 14-cr-00349, U.S. District Court, Northern District of California (San Jose).
To contact the reporter on this story: Karen Gullo in federal court in San Francisco at firstname.lastname@example.org
To contact the editors responsible for this story: Michael Hytha at email@example.com Stephen Farr, Joe Schneider