A Florida resident’s concerted but failed attempts at hacking the Clinton Foundation drew an 18-month prison sentence Monday, although he may not see any extra time behind bars since he’s already serving 42 years for child pornography that Secret Service found after seizing a slew of computers and electronic equipment from his residence in 2015.
Timothy Sedlak, 44, received the sentence from U.S. District Court Judge Ronnie Abrams at a hearing in Manhattan, according to a release from the U.S. Attorney’s Office for the Southern District of New York.
All the devices collected from Sedlak’s home were forfeited to the United States, and Secret Service said 31 of them contained known hacking software, such as John the Ripper, TeamViewer and PasswordsPro.
Sedlak admitted he used these to conduct brute force password attacks – mass attempts to log into different accounts – on the Clinton Foundation. Since both crimes were found via his devices, Sedlak’s defense attorneys Annalisa Miron and Noelle Lyle requested that their client serve only six months and be allowed to serve the two sentences simultaneously
However, prosecutors recommended adding an 18-month term for hacking to Sedlak’s existing sentence. They argued that the two crimes were distinctly different and therefore did not warrant concurrence. Sedlak’s child pornography charges pertained to sexual abuse of his friend’s three-year-old daughter along with possessing hundreds of child pornography images, neither of which involved hacking.
“Sedlak used dozens of computers and electronic devices to unlawfully access others’ computer networks, making hundreds of thousands of attempts to steal information from one charitable organization,” Kim said. “Although he was ultimately unsuccessful, Sedlak’s efforts impaired the organization’s ability to operate.”
Abrams straddled the two sides’ recommendations: imposing an 18-month sentence, but allowing it to run concurrent with the child porn sentence, Reuters reported.
Sedlak’s nearly 400,000 attacks prevented Clinton Foundation employees from entering their accounts, since he blocked the rightful owners from accessing their information, the government said. Sedlak’s handiwork impeded the Clinton Foundation from conducting regular business, since it had to reset passwords and reboot configurations after the complications arose. His defense called these relatively minor inconveniences, since Sedlak did not believe his actions caused actual or financial harm.
“In the privacy of my house and with the feeling of anonymity and virtuality the internet provides, I decided it was okay to break the rules,” Sedlak wrote in a letter to the judge. “My attempting to access someone else’s email was an act against them personally, regarding their privacy in communications and their security. It was also an act against the society I live in, since the security of every person who has an email account is at risk due to behavior like mine.”
Following his hacking attempts, the Clinton Foundation had to review its network infrastructure for potential compromises, especially since the organization has strong political ties and vulnerabilities could jeopardize campaigns. Sedlak also targeted political organizations, investment firms, law firms, online service providers and commercial businesses for over a year.
Secret Service found username lists on his electronic devices that matched the accounts impacted, and Sedlak told the agency that he planned to sell their hacked information – he said his private investigator business was not making enough. Sedlak also attributed his company when Secret Service found documents pertaining to Hillary Clinton and Chelsea Clinton on his computer, since Sedlak said the information abetted his research into jihadist group financing.