CHICAGO — An information technology specialist has been sentenced to three years in federal prison for hacking into the servers of a north suburban company where he formerly worked as a contractor.

EDWARD SOYBEL, 35, of Chicago, illegally accessed the servers of Lake Forest-based W.W. Grainger Inc., on multiple occasions in late 2016.  Soybel intentionally caused damage to Grainger’s automated inventory management program, which operates on-site dispensing machines for customers throughout the United States.  The dispensing machines provide secure access to durable products, such as safety equipment.  Soybel had worked as a technical support contractor at Grainger’s facility in Niles until he was terminated in early 2016.

A federal jury last year convicted Soybel on all 12 counts against him, including ten counts of intentionally causing damage to protected computers, one count of attempting to cause damage to protected computers, and one count of attempting to access a protected computer without authorization. 

Soybel has been in custody since December 2018, after he recorded a video of himself issuing threats of violence to law enforcement.  Before imposing the sentence Wednesday in federal court, U.S. District Judge Matthew F. Kennelly stated that he considered Soybel’s threats to be a significant aggravating factor, and he increased the sentence due to the gravity of the threats.

The sentence was announced by John R. Lausch, Jr., United States Attorney for the Northern District of Illinois; and Jeffrey S. Sallet, Special Agent-in-Charge of the Chicago office of the Federal Bureau of Investigation.  The Chicago Police Department provided valuable assistance.

“Defendant’s crimes were not an isolated lapse of judgement or one-off outburst,” Assistant U.S. Attorney Nicholas J. Eichenseer argued in the government’s sentencing memorandum.  “He essentially declared cyber war on Grainger, not out of principle or for financial gain, but out of spite.”

Evidence at trial revealed that Soybel repeatedly gained unauthorized access to a secure computer network of Grainger, a multi-national industrial supply company.  The network was an inventory-management system that operated a nationwide grid of dispensing machines to securely provide tools and safety equipment at customer sites.  Soybel remotely broke into the computer system by stealing and then using his former co-workers’ usernames and passwords.  Once inside the network, Soybel deleted millions of database records and reset the passwords.

The deletions caused outages of the system, locked out users, and temporarily impaired the dispensing machines.  Soybel’s attacks began in July 2016 and continued for several months.  Grainger incurred at least $300,000 in costs responding to the cyber-attacks.