Edwin Vargas, a detective with the New York City Police Department, has been arrested on Tuesday for computer hacking crimes.
According to the complaint unsealed in Manhattan federal court, between March 2011 and October 2012, Vargas, an NYPD detective assigned to a precinct in the Bronx, hired an e-mail hacking service to obtain log-in credentials, such as the password and username, for certain e-mail accounts.
In total, he purchased at least 43 personal e-mail accounts and one cellular phone belonging to at least 30 different individuals, including 21 who are affiliated with the NYPD.
After receiving the log-in credentials he had purchased, he accessed at least one personal e-mail account belonging to a current NYPD officer, and an online cellular telephone account belonging to another victim.
He paid a total of more than $4,000 to entities associated with the e-mail hacking services.
An examination of the contents of the hard drive from Vargas’ NYPD computer revealed, among other things, that the Contacts section of his Gmail account included a list of at least 20 e-mail addresses, along with what appear to be telephone numbers, home addresses, and vehicle information corresponding to those e-mail addresses, as well as what appear to be the passwords for those e-mail addresses.
He also accessed the National Crime Information Center (NCIC) database, a federal database, to obtain information about at least two NYPD officers without authorization. The e-mail accounts of those two officers were among the e-mail accounts Vargas paid the e-mail hacking services to hack into so he could obtain log-in credentials.
The investigation was conducted by the FBI and the PD’s Internal Affairs Bureau, and Vargas has ultimately been charged with one count of conspiracy to commit computer hacking and one count of computer hacking. Each count carries a maximum sentence of one year in prison.
“Of all places, the police department is not a workplace where one should have to be concerned about an unscrupulous fellow employee. Unlike the e-mail accounts, the defendant didn’t need to pay anyone to gain access to the NCIC database. But access is not authorization, and he had no authorization,” commented FBI Assistant Director in Charge George Venizelos.