Two Rhode Island Men Plead Guilty to Hacking Federal Law Enforcement Database and Extorting Victim

Two Rhode Island men, Sagar Steven Singh, 20, and Nicholas Ceraolo, 26, have pleaded guilty to hacking into a confidential federal law enforcement database and using the sensitive information to threaten and extort a victim. The duo were members of a hacking group called “ViLe” that engaged in the practice of “doxxing,” where victims’ personal data was collected to harass, threaten, or extort them.

The breach occurred on May 7, 2022, when Singh used a stolen password belonging to a police officer to access a non-public, password-protected federal law enforcement portal maintained by the U.S. Drug Enforcement Administration (DEA). This portal contained detailed records on narcotics and currency seizures, as well as law enforcement intelligence reports with state and local agencies.

Following the breach, Singh shared the stolen login credentials with Ceraolo and other members of the ViLe hacking group. Singh then used the database to obtain personal information on an individual, referred to as Victim-1 in court documents. He threatened to harm Victim-1’s family if they did not provide login credentials to their Instagram accounts.

Both Singh and Ceraolo have pleaded guilty to charges of computer intrusion conspiracy and aggravated identity theft. U.S. Attorney Breon Peace condemned their actions, stating that they had access to sensitive personal information and used it to extort victims for financial gain.

The defendants face two to seven years in federal prison upon sentencing for their crimes. The U.S. Attorney’s Office in the Eastern District of New York thanked law enforcement agencies for their assistance in the case and emphasized their commitment to protecting victims from cybercriminals who seek to exploit their sensitive information.