31-year-old Nicholas Michael Kloster has been indicted in the USA for computer hacking, according to the US Ministry of Justice. The indictment alleges that Kloster breached the computer networks of a network of fitness clubs and a non-profit organization to promote his services in cybersecurity. He is suspected of being involved in at least three incidents.
The first incident took place on April 26, when Kloster unlawfully accessed the systems of a fitness club and later sent a letter to one of the club’s owners, confessing to the breach and offering his services as a security consultant. He claimed to have assisted over 30 small and medium-sized businesses in the region and detailed how he bypassed security measures to gain access.
Kloster also deceptively reduced his gym subscription fee to $1, removed his photo from the club’s database, and stole an employee’s badge. In a few weeks, he posted a screenshot on social media showing that he had control over the club’s video surveillance system.
In another incident on May 20, Kloster infiltrated a non-profit organization’s building, bypassed the authentication system using a boot disk, set up a VPN network, and changed account passwords. This breach led to approximately $5,000 in damages for the organization as they had to restore security systems.
Furthermore, Kloster is accused of using stolen credit card data from his former employer to purchase USB devices for exploiting system vulnerabilities.
It is important to note that these accusations do not imply guilt. Kloster’s guilt or innocence will be decided based on the evidence presented during the trial. If convicted, he could face up to 15 years in prison, with 5 years for unauthorized access and 10 years for causing damage, as well as fines and compensation for the victims.