A Kansas City man, Nicholas Michael Kloster, 31, has been indicted by a federal grand jury on charges of computer hacking targeting a local nonprofit and a health club business. The indictment, returned under seal on November 19, 2024, and unsealed after Kloster's arrest on November 22, accuses him of unauthorized access to protected computers, obtaining sensitive information, and causing damage to the systems.
Health club intrusion
According to the U.S. DoJ announcement, Kloster entered the premises of a health club company, referred to as “Company Victim 2,” on April 26, 2024. Following his unauthorized access to the business's computer system, he emailed one of the owners claiming to have breached their security, attaching his resume and touting his experience assisting over 30 businesses with cybersecurity.
The indictment details further violations, including adjustments to his own gym membership fee, reducing it to just $1, and deleting his photograph from the gym's database. Additionally, Kloster allegedly stole a staff nametag. Notably, he later posted an image on social media showing a screen capture of the gym's security cameras alongside a message reading, “How to get a company to use your security service.”
Nonprofit hacking incident
In a separate incident on May 20, 2024, Kloster allegedly infiltrated a nonprofit organization, referred to as “Company Victim 3,” by accessing a restricted area and using a boot disk to bypass network security. This allowed him to gain unauthorized access to multiple user accounts and reset passwords. The indictment further states that Kloster installed a virtual private network (VPN) on the nonprofit's computer system.
As a result of this breach, the nonprofit incurred over $5,000 in remediation costs. The extent of the intrusion and network compromises prompted the FBI and the Kansas City Police Department to launch an investigation.
Previous employment and third victim
The indictment also implicates Kloster in activities involving a third victim, “Company Victim 1,” where he was employed in early 2024. Kloster is accused of misusing a company credit card to make personal purchases, including a hacking tool designed to exploit vulnerable computers.
Legal proceedings
The charges against Kloster include accessing protected computers without authorization and causing reckless damage to systems. If convicted, these charges could carry significant penalties, including fines and imprisonment. It is important to note, however, that the indictment represents accusations, not proof of guilt. Kloster's case will proceed to trial, where a jury will determine the outcome.
Assistant U.S. Attorneys Patrick Daly and Nicholas Heberle are prosecuting the case, with investigative efforts led by the FBI and Kansas City Police.
Thai Police Neutralized Blaster That Spammed 100,000 SMS/Hour
Leave a Reply