A computer hacker named Adrian Kwiatkowski, aged 23 is ordered to pay back over £100,000. He stole unreleased songs from artists, including Ed Sheeran, and sold them on the dark web.
Kwiatkowski, alias “Spirdark,” accessed private online accounts belonging to various management companies. His actions resulted in significant financial harm to musicians and their production companies. We will explore his crimes, convictions, confiscation orders, and impact on the music industry.
The Hacker’s Scheme
Adrian Kwiatkowski obtained 14 songs by hacking the servers in that stored the song’s files. Two of these songs were by Ed Sheeran, while the remaining 12 were by American rapper Lil Uzi Vert (Famous for his song XO Tour Llif3 which made it to the 7th on the Billboard 100). He gained unauthorized access to their digital accounts to carry out the theft. He then proceeded to sell these stolen songs on darknet markets that offer digital items in exchange for cryptocurrency. We can’t find which darknet markets he sold the songs on.
As you might expect, a complex scheme like this would have multiple consequences. Primarily causing financial harm to the artists and their production companies. It hinders artists from releasing their own work as a result. Once songs as such have been leaked, they spread like wildfire. Kwiatkowski’s crimal offense will continue to have detrimental effects on both artists finances and creative output.
Arrest and Seizure of Evidence
The case goes back to 2019, when the Manhattan District Attorney’s Office started their initial investigations. They had received reports from the music management companies. These reports referred to a person named Spirdark (Kwiatkowski’s Darknet Vendor name) selling stolen content online. During the investigation, LE found a key piece of evidence. There was a connection was between the email address used for the crypto accounts and Kwiatkowski. Although Kwiatkowski was a hacker, it doesn’t seem he had much experience using the darknet, thus failing basic OpSec steps. Furthermore, they traced the IP address of the hacking device back to his home address.
In September 2019, Adrian Kwiatkowski was arrested. The Police Intellectual Property Crime Unit (PIPCU) in Ipswich, England, carried out the arrest. The PIPCU seized devices and a hard drive containing 1,263 unreleased songs by 89 artists. Kwiatkowski’s Apple Mac laptop contained the discovered audio files. These files included stolen songs from Ed Sheeran and Lil Uzi Vert.
Conviction and Confiscation
In October 2022, Adrian Kwiatkowski pleaded guilty to many of the charges. These charges consisted of unauthorized access to data while selling articles that infringed the artist’s copyright. Additionally, they included converting criminal property. The authorities also charged him with possession of this criminal property.
His subsequent sentence was 18 months in jail at Ipswich Crown Court.
On May 26, 2023, the authorities granted a confiscation order against Kwiatkowski. The order mandated that he repay £101,053 within three months. This amount consists of £51,975 held in his bank account and 2.64 Bitcoin (BTC), worth £49,528 at the time. This marks the first-ever confiscation order for cryptocurrency secured by PIPCU. If Kwiatkowski fails to meet the payment deadline, there will be further consequences. He will then face an extra 18 months of imprisonment.
The Impact on the Music Industry
Detective Constable Daryl Fryatt from the PIPCU highlighted the importance of Kwiatkowski’s successful conviction.
Kwiatkowski executed a complex scheme to sell creative content that he did not own. Not only did he cause several musicians and their production companies significant financial harm, but he also deprived them of the ability to release their own work. Our work doesn’t just stop at conviction, and this result means that Kwiatkowski will not be able to benefit any further from the money he earned through criminal activity.”
Detective Constable Daryl Fryatt
Kwiatkowski’s actions could easily hinder any artists from releasing their albums confidently. Kwiatkowski, in particular, won’t have the opportunity to make such moves again, as the LE wants to ensure he won’t enjoy the further revenue he earned through his criminal activities.
We welcome the recent developments in this case. This type of criminal activity jeopardises the work of artists and the efforts of the teams of people supporting with the creation and release of their music. This is an excellent example of international cooperation and we would like to thank the Manhattan District Attorney’s Office and the City of London Police for their support in this matter.
Melissa Morgia, Director of Global Content Protection and Enforcement at IFPI
Melissa acknowledged the importance of this obtaining a hacker as such to prevent further pain in the music industry. She also highlighted the outstanding collaboration between the Manhattan District Attorney’s Office and the City of London Police.
Conclusion
It took 4 years for Adrian Kwiatkowski’s case to conclude. His hacking and successful sales of unreleased songs on the Darknet is a unique case. However, his failed OpSec in selling the items led to his successful conviction, setting a precedent. This case serves a significant purpose for the music industry and how criminals could exploit and harm it.
This is an interesting case study for such content being sold/released on the darknet. I recently saw a Reddit post of an individual asking about releasing his album solely on the Darknet. Adrian Kwiatkowski has proven this could be possible… However, it’s not the most lucrative path to take.