PROVO A federal prosecutor has charged a Brigham Young University student with fraud for tampering with four campus computers to secretly log the private keystrokes of 600 students who used the machines.
Esteban N. Rodriguez, 25, "intentionally accessed a computer without authorization and exceeded authorized access, and thereby obtained information from a protected computer," according to documents filed Tuesday in U.S. District Court.
Rodriguez declined an interview request when contacted by phone Wednesday evening. According to a BYU Web site, he is from Necochea, Argentina.
The sophisticated software used in the break-in last spring recorded every keystroke entered on four of the computers in the Widtsoe Building open-access computer lab. The captured information was periodically transmitted via e-mail to a Hotmail account created with a bogus name. However, there is no evidence the information was used for identity theft or any other purpose, said BYU officials and Melodie Rydalch, spokeswoman for the U.S. Attorney's Office in Salt Lake City.
No motive was given for the break-in.
Investigators had speculated the crime was an inside job by someone with access to the lab's master password. Rodriguez had worked as a part-time student employee in the lab. In fact, a work phone number listed for him on a BYU Web site was for a computer lab in another campus building, the Kimball Tower.
BYU officials could not confirm Wednesday whether Rodriguez was still employed by that lab. An employee in the lab who answered the phone Wednesday night said he had not seen Rodriguez this summer.
The spyware was discovered in late April when another student employee in the Widtsoe lab noticed strange icons on two computer monitors. A sophisticated search uncovered the software on two additional machines.
BYU moved quickly to protect the identities of students. The university terminated their passwords to the campus intranet called Route Y so no one else could access their campus records, BYU spokesman Brent Harker said.
Each student was contacted by phone, e-mail or via a notice on their student computer accounts. They were told to change their Route Y passwords and advised to do the same with other accounts they might have accessed online from the Widtsoe Building computers.
Harker said the administrative password in the Widtsoe lab should have been changed more often.
"Since that time we've changed administrative passwords in that lab and reinforced a general policy to change those passwords routinely," Harker said. "This wasn't done from outside, it was from within."
FBI and BYU investigators seized a computer from a Provo residence and used subpoenas to gather telephone and other electronic records during an investigation.The federal charge for fraud and related activity in connection with computers is a misdemeanor, Rydalch said. It carries a maximum penalty of up to one year in prison and a $100,000 fine.
- Tabernacle Choir performs Handel's 'Messiah'...
- Two bodies discovered near Provo's Squaw Peak
- Police make arrest in death of 59-year-old...
- 2-year-old boy dies from accidental shooting...
- Film about man's crusade against child sex...
- No aftershocks from Saturday's Tooele quake
- Salt Lake City Marathon comes with many...
- Western states to feds: Turn over public lands
- Atheists, Mormon scholars talk religion 90
- At UVU, Elder Oaks sees hope despite... 79
- Utah, Oklahoma same-sex marriage cases... 47
- Appeals judges question right to sue in... 28
- Autopsies of 7 infants completed;... 24
- Texas seizes FLDS Church's secluded ranch 24
- 2-year-old boy dies from accidental... 18
- Salt Lake City's inversion problem... 13