Cyber Threat Actor: Austin Alcala
| Actor Type | Location | Known Incidents |
|---|---|---|
| Criminal | United States of America | 4 incidents |
Profile
Austin Alcala is an individual from McCordsville, Indiana, in the United States of America who was identified as a member of the hacking collective referred to as Xbox Underground. He was charged alongside three other individuals in a federal indictment issued in April 2014 for offenses that occurred between January 2011 and March 2014. The charges against him include conspiracy to commit computer fraud, copyright infringement, wire fraud, mail fraud, identity theft, and theft of trade secrets, as well as individual counts of aggravated identity theft and unauthorized computer access. These charges stem from his alleged participation in a series of intrusions targeting multiple technology and defense organizations.
The group’s activities focused on sectors such as video game development, software publishing, and military training systems, with victims that included Microsoft, Epic Games, Valve, Zombie Studios, and the United States Army. The intrusions were carried out using SQL injection and stolen employee usernames and passwords, sometimes obtained from software development partners. Once inside the networks, the actors accessed and exfiltrated unreleased software, source code, pre‑release video game titles, and military training technology such as Apache helicopter simulation tools. Prosecutors described the stolen intellectual property as having a value ranging from one hundred million to two hundred million dollars, and the theft did not involve customer personal data.
Legal proceedings resulted in two of the four defendants, David Pokora and Sanadodeh Nesheiwat, pleading guilty to conspiracy to commit computer fraud and copyright infringement, each facing up to five years in prison with sentencing scheduled for January following the plea. Austin Alcala’s case proceeded alongside the remaining co‑defendant, and an additional Australian suspect linked to the conspiracy was also charged separately. The Department of Justice emphasized that the conduct represented serious electronic breaking and entering that caused substantial financial and operational harm to the affected organizations.
