Security Experts:

Connect with us

Hi, what are you looking for?



Man Admits Hacking Law Enforcement Networks, Stealing Payment Card Data

A 25-year-old man from New Bedford, Massachusetts, has been charged with hacking into the computer networks of several organizations in the United States.

A 25-year-old man from New Bedford, Massachusetts, has been charged with hacking into the computer networks of several organizations in the United States.

Cameron Lacroix has been charged with two counts of computer intrusion and one count of access device fraud. He is said to have breached the systems of law enforcement agencies, a Massachusetts police department, and the Bristol Community College. Lacroix has agreed to plead guilty and serve four years in prison for the offences he committed, the FBI announced on Monday.

Lacroix allegedly stole payment card data for over 14,000 unique account holders between May 2011 and May 2013. In some cases, the suspect is also said to have obtained victims’ names, addresses, birth dates, email addresses, social security numbers, banking information, and a list of items they had ordered.

From August 2012 through November 2012, Lacroix allegedly obtained police and intelligence reports, arrest warrants, and other information from the servers of law enforcement agencies. Prosecutors believe that in September 2012 Lacroix breached the server of a local Massachusetts police department and gained unauthorized accessed to the chief of police’s email account. 

Between September 2012 and November 2013, while he was a student at the Bristol Community College, he used credentials stolen from three instructors to change his grades and the ones of two other students, The Sun Chronicle reported. 

This isn’t the first time Lacroix is charged with cybercrimes. Back in 2005, when he was still a juvenile, he received 11 months in a federal juvenile detention facility and two years of supervised release for hacking into the systems of Internet and telephone service providers, and making bomb threats to high schools in Florida and Massachusetts.

He was believed to be involved with a group that hacked the mobile phone of American socialite Paris Hilton, and the systems of legal research and workflow solutions provider LexisNexis.

After serving the 11 months in juvenile detention, Lacroix, who at the time was using the online moniker “cam0,” was released. He violated the terms of his supervised release so he was sent back to detention shortly after, The Washington Post reported at the time.

In 2008, he was charged with 18 counts related to credit card fraud. Federal Bureau of Prison records show that he was released in February 2011.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.


Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.