Ex-TSA Analyst Sentenced for Computer Hack

2 Years Prison Term Given for 2009 Incident in Colorado A federal judge sentenced a Colorado man dismissed from his job in 2009 at the Transportation Security Agency to two years in prison for trying to inject malicious code into a computer database used to screen potential terrorists (see Insider Alleged to Hack TSA Computer).

U.S. Circuit Court Judge David Ebel also Tuesday sentenced to Douglas James Duchak, 47, of Colorado Springs, Colo., to three years of supervised release following his prison sentence and $60,587 in restitutions to the TSA. Duchak pled guilty to the charges.

According to federal prosecutors in Denver:

  • Duchak, employed by a government contractor, began working in August 2004 at a TSA computer center as a data analyst, responsible for receiving information from various federal government databases to be uploaded into the database used to screen potential terrorists.
  • On Oct. 15, 2009, Duchak's employer notified him he was being laid off, effective at month's end. On Oct. 22, Duchak accessed a sensitive database, deleting instructional code from the program. That code was necessary to format dates of birth information received in connection with the arrest warrant database information. A week later, Duchak's replacement observed what he believed to be unauthorized code that would disrupt TSA's security screening function. TSA personnel halted the computer operation until they could determine the source and scope of the problems. That same day, the defendant was contacted and notified that he should not return to work.
  • Forensic examiners discovered that Duchak created and transmitted the unauthorized code on Oct. 23, with the intent to damage the TSA database.

Assistant U.S. Attorneys Patricia Davies, chief of the special prosecutions section, and Judith Smith prosecuted Duchak.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.