Skip to main content

Romanian National Extradited to NJ to Face Charges in Computer Hacking Scheme

Newark New Jersey

A Romanian citizen made his initial court appearance today following his extradition to face charges that he orchestrated an international hacking scheme targeting retailers, security companies, medical offices and individuals in the United States, U.S. Attorney Paul J. Fishman announced.

Mircea-Ilie Ispasoiu, 29, of Drobeta-Turnu Severin, Romania, is charged by federal indictment with two counts of wire fraud, two counts of unauthorized computer access to obtain information, two counts of unauthorized computer access that caused damage and three counts of aggravated identity theft. Ispasoiu was arrested Nov. 13, 2014, following an investigation led by the U.S. Secret Service and coordinated with Romanian law enforcement. The Court of Appeal of Bucharest granted extradition on Jan. 26, 2015, and Ispasoiu arrived in the United States on March 20, 2015. He appeared this afternoon before U.S. Magistrate Judge Michael A. Hammer in Newark federal court.

According to documents filed in this case and statements made in court:

From August 2011 through February 2014, Ispasoiu was employed as computer systems administrator at a large financial institution in Romania. Ispasoiu’s scheme allegedly involved hacking networks belonging to retailers, security companies, medical offices and individuals in order to steal user names and passwords, personal identifiers and credit and debit card data. For just one of the victims identified in the indictment, Ispasoiu was able to steal more than 10,000 credit and debit card numbers. Ispasoiu also gained access to a computer at a large security company that ran background checks on job applicants. Ispasoiu stole the applicants’ personal identifying information, including their fingerprints.

The maximum potential penalties for each count are as follows:

Count

Violation

Maximum Penalty

1 and 2

Wire fraud

30 years; $1 million fine or twice the gain or loss from the offense

3 and 4

Unauthorized computer access to obtain information

Five years; $250,000 fine or twice the gain or loss from the offense

5 and 6

Unauthorized computer access that caused damage

Five years; $250,000 fine or twice the gain or loss from the offense

7-11

Aggravated identity theft

Mandatory two years (consecutive to any other imposed sentence); $250,000 fine or twice the gain or loss from the offense

 

1,000