A man accused of launching a cyberattack that is alleged to have allowed him and an accomplice to access the information of nearly 100,000 Bell Canada customers is not allowed to use a computer with internet access, unless it is for work, while his case is pending at the Montreal courthouse.
Nana Kofi Opoku Koranteng, a 25-year-old Verdun resident, appeared before Quebec Court Judge Claude Leblanc on Wednesday and agreed to follow a series of conditions to be released after his arrest in Project Abalone.
The RCMP launched the investigation in 2018 after Canada’s largest telecommunications company reported the data breach. In January 2018, it estimated hackers accessed the information of “fewer than 100,000” customers, including their names and email addresses. Bell reported that it appeared that no banking or credit card information was stolen.
On Tuesday, the RCMP arrested Koranteng and Jesiah Russell-Francis, a 25-year-old resident of the St-Laurent borough, on a warrant listing seven charges, including conspiracy, fraud exceeding $5,000, possessing another person’s identity, fraudulently impersonating Bell Canada customers and possession of cellphones with the intent to convert them.
Both men made their first court appearances on Tuesday and Russell-Francis was released the same day. Koranteng was ordered to be detained overnight for Tuesday’s release hearing.
Koranteng, represented by defence lawyer Adam Ginzburg, listened quietly as prosecutor Julien Gaudet-Lachapelle read the list of conditions. He is not allowed to use a computer except for the purposes of work. If he resides at a house with internet access, the password must be changed so he cannot use the network. If he wants to have a cellphone, it has to be one with no access to the internet.
“The information I received is that he works at an Apple Store,” the prosecutor later told reporters.
Koranteng is also not allowed to communicate with Russell-Francis — who agreed Tuesday to a similar series of conditions — unless it is to discuss their case with their lawyers present.
In May 2017, Bell Canada was hit with a similar attack in which 1.9 million email addresses and about 1,700 names and phone numbers were stolen from the company’s database. Gaudet-Lachapelle was unable to say whether the accused are believed to have been behind that attack, but the arrest warrant alleges the men committed the crimes between July 1, 2017 and Jan. 30, 2018.
According to a statement issued by the RCMP, “Bell Canada customer accounts were breached and personal information was consequently stolen. In the course of the investigation, two suspects were identified after a number of stolen accounts were used to fraudulently purchase goods online.”
The statement quoted Alexandre Beaulieu, acting officer in charge of the RCMP Cybercrime Investigative Team at National Division, as saying: “This is a textbook example of a hacking case where stolen personal data was used to purchase hardware material. I’m proud of the work of our investigators as they worked diligently with our partners to prosecute these crimes, which have an impact on our country’s economic well-being.”
The case against both men returns to court on Dec. 3.