A UK national pleaded guilty today to extorting tens of companies across the world as a member of an infamous hacking group known as The Dark Overlord (TDO).
Nathan Francis Wyatt, 39, was sentenced to five years in prison and ordered to pay $1,467,048 in restitution to victims.
According to court documents, Wyatt was part of the TDO hacker group since 2016. The group operated by hacking into large companies, stealing their sensitive data, and then asking for huge ransoms.
If victims didn’t pay, the hackers would sell their data on hacking forums, leak it on the public internet, or tip journalists about the breach in order to generate negative press for the hacked company.
Wyatt’s role in the scheme was to contact victims and demand ransom payments. He was connected to the group after he used phone numbers registered in his name to contact some of the victims.
Wyatt was arrested in 2017 in the UK and extradited to the US in December 2019 to face charges.
Prior to his arrest for TDO-related charges, Wyatt previously investigated for hacking the iCloud account of Pippa Middleton, the sister of the Duchess of Cambridge.
Most of the other members of the TDO group remain at large.
In May 2018, Serbian authorities arrested a 39-year-old man in Belgrade on charges of being one of the TDO members; however, it’s unclear how he was connected to the group as authorities only shared the man’s initials (S.S.) and birth year (1980), which made tracking his case harder.
The TDO group has a long and prodigious hacking history. The group has taken credit or has been linked to tens of hacks, such as:
- Hacked three healthcare organizations and sold 651,894 patient records on the Dark Web
- Sold over 9.3 million patient records from an unnamed healthcare insurance provider
- Hacked and extorted the Cancer Services of East Central Indiana-Little Red Door center
- Hacked Netflix and leaked episodes from season 5 of “Orange Is The New Black”
- Hacked ABC and leaked episodes from “Steve Harvey’s Funderdome” TV show
- Hacked Larson Studios, Inc., a Hollywood audio post-production studio, and stole a large collection of unreleased TV show episodes
- Hacked H-E Parts International Morgan
- Hacked Line 204, a provider of sound stages for Hollywood studios
- Hacked Austin Manual Therapy Associates
- Hacked SMART (“Sports Medicine and Rehabilitation Therapy”) Physical Therapy
- Hacked Hand Rehabilitation Specialists
- Hacked Gorilla Glue
- Hacked and released data from multiple companies, such as Pre-Con Products, G.S. Polymers, PcWorks, International Textiles & Apparel, and UniQoptic
- Hacked Caribbean Island Properties, a real estate company
- Hacked Prime Staff Inc., an HR firm
- Hacked Channel Ship Services, a sea shipping company
- Hacked Sterling National Financial Group, an insurance firm
- Hacked AZ Plastic Surgery Center