Sentence of the Rivne City Court of the Rivne Region, dated September 13, 2019, case No. 569/12334/19. Available at http://www.reyestr.court.gov.ua/Review/84251500

The Court…  found:

On July 25, 2018, the exact time was not ascertained by the pre-trial investigation, the accused person being at his place of residence [the address is hidden], for the purpose of unauthorized interference with the operation of computers that ensured the functioning of the electronic mail server at https://www.bigmir.net/, using the personal computer [identification details are provided], having the access to the Internet via the IP-address [the address is hidden] provided by the provider NashNet LLC, acting intentionally, being aware of the socially dangerous nature of his activities, foreseeing their harmful consequences and deliberately wanting the occurrence of these consequences, pretending to be the authorized user of the owned by the victim electronic mailbox account [the address is hidden], which by itself is information with limited access and protected in accordance with the Ukrainian laws …, contacted the support service of [the information is hidden] and indicated that he had forgotten the password for the mailbox and provided the known to him authorization data of the victim.

As a result, the accused person received a new password for the victim’s e-mail box account [the address is hidden] and without victim’s consent and knowledge, illegally changed the password for accessing the e-mail box. Having done so he committed unauthorized interference with the operation of the computer network account [the information is hidden] owned and used by the victim in the city of Rivne at the time of committing the crime.

Because of these illegal activities of the accused person, the process of matching the victim and her user rights, carried out automatically by the electronic mail server through the use of special software, had been changed, and the registration data of the legally authorized user had been invalidated, and that led to the blocking and loss of information about the victim who had the right of access to it, and to the leakage of information the victim did not want to disclose.

By his intentional acts in the form of unauthorized interference with operation of computers, computer networks that led to the blocking, loss and leakage of the information the accused person committed the crime specified by Article 361 (1) of the Ukrainian Criminal Code [unauthorized interference with computers, automated systems, computer networks or telecommunication networks]…

In addition, on July 25, 2018, the exact time was not ascertained by the pre-trial investigation, the accused person being at his place of residence [the address is hidden], using the personal computer [identification details are provided], having the access to the Internet via the IP-address [the address is hidden] provided by the provider NashNet LLC, knowing the authorization data, namely the login and the password for accessing the electronic mailbox account [the address is hidden] owned by the victim, which he had received through the unauthorized interference with the operation of the e-mail server, without  consent of the owner, without having legal grounds, got the access to the letters stored in the e-mail box [the address is hidden] and studied the contents of the victim’s correspondence using the computer. Having thus received the information that the addressee did not want to provide access to other persons, the accused person violated the right of the victim to secrecy of correspondence guaranteed by Article 31 of the Ukrainian Constitution.

By his intentional acts violating the secrecy of correspondence transmitted through a computer, the accused person committed the crime specified by Article 163 (1) of the Ukrainian Criminal Code [violation of secrecy of correspondence, telephone conversations, telegraph or other correspondence transmitted by means of communication or through a computer].

In addition, on July 25, 2018, the exact time was not ascertained by the pre-trial investigation, the accused person being at his place of residence [the address is hidden], acting intentionally, repeatedly, for the purpose of unauthorized interference with the operation of the account on the computer (social) network Facebook, using the personal computer [identification details are provided], having the access to the Internet via the IP-address [the address is hidden] provided by the provider NashNet LLC, being aware of the socially dangerous nature of his activities, foreseeing their harmful consequences and deliberately wanting the occurrence of these consequences, pretending to be the authorized user of the victim’s Facebook account at [the information is provided], having scanned copies of documents that contain victim’s personal data (the passport of a citizen of Ukraine for travelling abroad; the tax payer identification number certificate), which by themselves are confidential personal information and information with limited access created and protected in accordance with the Ukrainian laws …., sent them to the Facebook support service and obtained the new access code to the victim’s page on Facebook. As a result, the accused person without victim’s consent and knowledge, illegally changed the password for her Facebook page, and thus committed the unauthorized interference with the operation of the account in question owned by the victim and used by the victim in the city of Rivne at the time of committing the crime, and blocked the access to this account by changing the authorization data.

Because of these illegal activities of the accused person, the process of matching the victim and her user rights, carried out automatically by the Facebook’s computer network through the use of special software, had been changed, and the registration data of the legally authorized user had been invalidated, which led to the blocking and loss of information about the victim who had the right of access to it.

Furthermore, on July 25, 2018, the exact time was not ascertained by the pre-trial investigation, being at his place of residence [the address is hidden], using the personal computer [identification details are provided], having the access to the Internet via the IP-address [the address is hidden] provided by the provider NashNet LLC, knowing the authorization data, namely the login and the password for accessing the owned by the victim electronic mailbox account [the address is hidden] that he had obtained by committing the unauthorized interference with the operation of the electronic mail server, and having access to the victim’s correspondence, without consent of the owner, without legal grounds, in violation of the Ukrainian laws…, he collected from the victim’s electronic mailbox [the address is hidden] victim’s confidential personal data with limited access, namely scanned copies of the victim’s documents: the passport of a citizen of Ukraine for travelling abroad; the tax payer identification number certificate).

Later, the accused person saved on the hard drive of his personal computer the above mentioned confidential personal data.

Continuing his illegal intentional activities, the accused person sent to the Facebook support service the above mentioned confidential personal data, namely the scanned copies of the victim’s documents: the passport of a citizen of Ukraine for travelling abroad; the tax payer identification number certificate, thereby he used and disseminated the confidential personal data.

By his intentional acts in the form of illegal collection, storage, use and dissemination of confidential personal data, the accused person committed the crime specified by Article 182 (1) of the Ukrainian Criminal Code [violation of privacy].

The accused person pleaded guilty to the charges…

Sentence of the Communarsk District Court of the Zaporizhzhia City, dated March 10, 2020, case No. 333/714/20. Available at http://www.reyestr.court.gov.ua/Review/88168838

The Court…  found:

The accused person, being well-versed and having software operating skills, acting for the sake of gain and generating income, committed unauthorized interference with operation of computers, automated systems, computer networks resulted in a leakage and breaking information routing.

To give effect to this criminal intent, the accused person, acting intentionally, making an attack on information in automated systems, willfully, without a permission of the victim, without having any actual or specified right to do so, hacked into the victim’s personal account by obtaining information about the login and password for the online game World of Tanks.

On October 4, 2019 at 22:27 the accused person being at his place of residence [the address is hidden], acting intentionally, using his personal computer that provided access to the Internet, operating illegally, willfully, without an owner’s permission, committed unauthorized interference with a computer network, namely with the operation of the victim’s online game account, using the method of sifting and selection of the identification data (a login and password), successfully passed the authentication procedure and illegally obtained the right to access and to administer the victim’s personal account for the game World of Tanks accessible via the hyperlink [the link is hidden]. After gaining the access to the account in question, he sold it to an unidentified person.

The illegal acts of the accused person resulted in a leakage of information because the latter gained access to all confidential data of the victim, including the victim’s account for the online game World of Tanks and in breaking information routing because the information from the victim’s account, supposed to be conveyed to the victim, during the period of the unauthorized interference was conveyed to the accused person, and currently access to the victim’s account is blocked.

After his intrusion the accused person in order to conceal his criminal acts logged out of the account and changed the password for its further sale to unidentified persons.

By his intentional acts the accused person committed the crime specified by Article 361 (1) of the Ukrainian Criminal Code [unauthorized interference with computers, automated systems, computer networks or telecommunication networks], namely unauthorized interference with operation of computers, automated systems, computer networks resulted in the leakage and breaking information routing.

The accused person pleaded guilty to the charges…