Joseph Garrison, 19, has pleaded guilty to staging a cyber fraud attack on DraftKings Sportsbook accounts in 2022 and has been sentenced to 18 months in prison. The young man was involved in a credential surfing attack and, along with other conspirators, managed to steal $600,000 from DraftKings users whose credentials had been stolen in previous data breaches. Over 1,600 sports betting accounts were affected by the cyberattack, which undermined confidence in DraftKings’ ability to protect its customers.
According to attorney Damian Williams, the sentencing highlights the need for vigilance in combating cyber threats and safeguarding digital integrity. After serving his prison sentence, Garrison will spend three years on supervised release and will have to pay $1.3 million in restitution and $175,000 in forfeiture.
This incident is not the only legal trouble that Garrison is facing. He is also involved in a legal matter in Wisconsin where he allegedly used Bitcoin to pay someone to call in bomb threats to his school.
Two of Garrison’s alleged co-conspirators, Nathan Austad and Kameron Stokes, have also been arrested and arraigned. Stokes allegedly paid Garrison to gain access to DraftKings Sportsbook accounts and then resold them online, while Austad used artificial intelligence to promote a shop of stolen user accounts and managed cryptocurrency wallets that received approximately $465,000 in proceeds from the cyberattacks and the sale of compromised data. They both face up to 20 years in prison for their alleged participation in the conspiracy.