Man quizzed over Pippa Matthews ‘hacking’ jailed in US over unrelated crimes
22 September 2020, 01:34
Nathan Wyatt pleaded guilty in St Louis to conspiring to commit aggravated identity theft and computer fraud.
A British man questioned over the alleged hacking of an iCloud account belonging to the Duchess of Cambridge’s sister has been sentenced to five years in jail in the US in an unrelated case.
Nathan Francis Wyatt, who was part of a hacking collective called The Dark Overlord, was sentenced for helping the group steal information from several companies in the US, including in Missouri, Illinois and Georgia.
The 39-year-old pleaded guilty in federal court in St Louis to conspiring to commit aggravated identity theft and computer fraud. He was also ordered to pay some 1.5 million dollars (£1.17m) in restitution.
In 2016, Wyatt was arrested by UK police investigating the hacking of Pippa Matthews’ iCloud account, amid reports pictures of Kate and her children, Prince George and Princess Charlotte, were among thousands of images taken.
The father-of-three was released with no further action in relation to that case in September, 2017.
In St Louis, federal prosecutors said The Dark Overlord stole medical records, client files and personal information from the companies, then demanded between 75,000 and 300,000 dollars (£58,000-£234,000) worth of Bitcoin to return the information.
None of the companies paid the ransom but the conspiracy did cost them because of the intrusion and release of data, federal prosecutor Laura Kathleen Bernstein said.
Wyatt set up a phone account and accounts on Twitter and PayPal that were used to communicate and receive money, she said.
Wyatt apologised during the hearing, held via Zoom, saying he was on medication for mental problems that led him to make bad decisions, The St Louis Post-Dispatch reported.
“I can promise you that I’m out of that world,” he said, voice breaking. “I don’t want to see another computer for the rest of my life.”
His lawyer, Brocca Morrison, noted Wyatt did not orchestrate the hacks and is the only hacker who has been identified.
Ms Bernstein said Wyatt’s actions helped the other hackers remain anonymous and that his phone account was used to send threatening text messages to relatives of victims.
Wyatt was indicted in 2017, but he was not extradited to the US until last year after British lawyers fought to keep him in that country.
He had served 14 months in a British prison after pleading guilty to 22 charges after he was accused of demanding money from the owner of a hacked computer and using stolen credit cards.
