A Wisconsin man has been charged in connection with a sophisticated scheme to illegally gain access to hundreds of unauthorized customer accounts at a sports betting website in late 2022, federal prosecutors announced Thursday.
The U.S. Attorney’s Office of the Southern District of New York announced the unsealing of a six-count indictment against Joseph Garrison, a resident of Madison, Wisconsin. Garrison, 18, and several others allegedly accessed roughly 60,000 accounts at the website through a technique known as “credential stuffing.”
The technique typically involves a hacker utilizing log-in credentials from a third-party site to gain access to a user’s account at a highly secure website. A hacker can gain unauthorized access into an account by obtaining a user’s password from a local bank or gym, for example, then using the same log-in credentials at a major e-commerce site, or in this case an online sports betting account.
