A Brisbane man has been charged with buying stolen personal identification data online and defrauding hundreds of victims out of tens of thousands of dollars.
The Woolloongabba man, 25-year-old, was arrested by the AFP at his home on 27 October and appeared before Brisbane Magistrates Court on 28 October to face eight charges.
AFP Cybercrime Operations launched an investigation in March 2021 into the Brisbane man’s use of an online platform selling stolen identification information.
The man was charged with:
- Seven counts of unauthorised access to restricted data, contrary to section 478.1(1) of the Criminal Code Act 1995 (Cth); and
- One count of possessing data with the intent to commit a computer offence, contrary to section 478.3(1) of the Criminal Code Act 1995 (Cth)
AFP Commander Cybercrime Operations Chris Goldsmid said it would be alleged the man was linked to an account which he had allegedly used to buy stolen identification information.
He allegedly used the stolen identification information to make online purchases, create fraudulent bank accounts and gain unauthorised access to victims’ bank accounts, Commander Goldsmid said.
During the search warrant, several electronic devices, including two mobile phones and several electronic storage devices, were seized. The seized items are subject to ongoing forensic examination and further charges may be laid.
Commander Goldsmid urged consumers to update personal details if any platforms or websites they visited had been compromised. He said:
“Your personal information is becoming more valuable to criminals online. Previously, Cybercrime was the domain only highly-skilled offenders, however cybercriminals can now operate at all levels of technical ability, and the tools they employ are easily accessible online.”
Commander Goldsmid added:
“While in the past criminals had to break into your home to steal your possessions or money. Now, cybercriminals can be thousands of miles away but still able to reach into your wallet. Australians work hard for their money. We must not make it easy for criminals to take it away.”
Two-factor authentication is an extra layer of security some platforms support requiring a code or text message in addition to your username and password to access a service.
The stolen information does not relate to current AFP investigations into breaches of data against Optus, Medibank Private or MyDeal.