A federal jury found Cameron Curry, a 27-year-old from Charlotte, North Carolina, guilty on March 18 of conducting a cyber extortion scheme against an international technology company based in Washington, D.C., according to U.S. Attorney Jeanine Ferris Pirro.
The case highlights the risks companies face when employees or contractors misuse their access to sensitive information for personal gain. Cyber extortion schemes can threaten both corporate data security and employee privacy.
Court documents and trial evidence showed that Curry worked as a contracted data analyst for about six months at the victim company, during which he accessed personnel files and other confidential corporate records. After learning his contract would not be renewed, Curry used this information to attempt to extort $2.5 million in cryptocurrency from the company by sending more than 60 threatening emails between December 11, 2023, and January 24, 2024. The emails threatened to release sensitive employee and corporate data unless his demands were met.
The threats included disclosing personally identifiable information of employees and publicizing a breach if payment was not made. On January 24, the FBI executed a search warrant at Curry’s residence and seized electronic devices that linked him to the alias “Loot,” under which the extortion was carried out.
Curry was convicted of six counts of transmitting or willfully causing interstate communications with intent to extort. He faces up to two years in prison for each count; sentencing has not yet been scheduled. The investigation was led by the FBI Washington Field Office with assistance from the FBI Charlotte Field Office. Prosecution was handled by Assistant U.S. Attorneys Diane Lucas and Matthew Warren.
This conviction underscores ongoing efforts by law enforcement agencies to address cybercrime targeting businesses.
