He then sold this valuable information to other individuals who utilized it to drain a total of 1,600 customer accounts. Federal prosecutors in Manhattan unveiled the details of the case against Garrison.
The hacking technique employed by Garrison is known as credential stuffing, a method that thrives when online users adopt the risky practice of using the same password and log-in credentials across multiple websites.
In a revealing text message to one of his co-conspirators, Garrison allegedly wrote, “Fraud is fun. I’m addicted to seeing money in my account.”
While DraftKings is not specifically mentioned in the criminal complaint, the company confirmed that some of its customers’ accounts had indeed fallen victim to the scheme.
DraftKings took immediate action to restore the stolen funds. And emphasized its commitment to the safety and security of its customers’ personal and payment information.
This incident isn’t Garrison’s first brush with the law.
Teen hacker has over $2 million
He was already facing charges in a separate case in Wisconsin. And is suspected of employing Bitcoin payments to incentivize individuals to make bomb threats to the high school he attends in Madison and other cities where his friends resided.
