Robert Purbeck, a 45-year-old resident of Meridian, Idaho, has been sentenced to 10 years in federal prison for conducting a series of cyberattacks and extortion schemes targeting victims across the United States.
Purbeck’s crimes, which included hacking into computer servers and stealing sensitive personal information from public and private entities, affected over 132,000 individuals and caused significant financial and operational damage to his victims.
A Campaign of Cyber Intrusion
Purbeck’s cybercriminal activities date back to at least 2017. He gained unauthorized access to servers through darknet marketplaces, where he purchased stolen credentials to exploit vulnerabilities in computer systems. His targets included a Griffin, Georgia, medical clinic, the City of Newnan Police Department, and 17 other organizations nationwide.
- June 2017: Purbeck breached the computer systems of a medical clinic in Griffin, Georgia, and extracted sensitive records containing personal data—including names, addresses, birth dates, and Social Security numbers—of over 43,000 individuals.
- February 2018: He hacked into the City of Newnan Police Department’s systems, stealing police reports and other documents with personal data of more than 14,000 people.
A Brazen Attempt at Extortion
Purbeck’s cybercrimes escalated in July 2018, when he attempted to extort a Florida orthodontist. After stealing sensitive patient records, Purbeck demanded payment in Bitcoin, threatening to expose the stolen data publicly if his ransom was not met. He even extended his threats to the orthodontist’s minor child, demonstrating a callous disregard for the well-being of his victims. Over 10 days, Purbeck harassed the orthodontist and patients through a barrage of threatening emails and text messages.
Investigation and Arrest
In August 2019, FBI agents executed a federal search warrant at Purbeck’s home in Meridian, Idaho. The raid uncovered a trove of electronic devices and computers containing the stolen personal data of over 132,000 individuals. Evidence confirmed that Purbeck’s hacking activities had caused substantial financial losses and disruptions to his victims, who faced remediation costs and operational setbacks as a result of his actions.
Following his guilty plea in March 2024 to two counts of computer fraud and abuse, Purbeck was sentenced by Chief U.S. District Judge Timothy C. Batten, Sr. to 10 years in prison. In addition, he received three years of supervised release and was ordered to pay restitution amounting to $1,048,702.98 to his victims.
Law Enforcement and Legal Collaboration
The investigation was led by the FBI’s Atlanta Field Office, with assistance from the FBI Boise (Idaho) Resident Agency. The prosecution team included Assistant U.S. Attorneys Michael Herskowitz, Nathan Kitchens, and Alex R. Sistla, as well as Trial Attorney Brian Mund of the Department of Justice’s Computer Crime and Intellectual Property Section.
U.S. Attorney Ryan K. Buchanan of the Northern District of Georgia praised the collective effort and said:
“Purbeck’s crimes reflect the actions of a callous cybercriminal who stole sensitive information and used threats to extort his victims. Thanks to the tireless work of law enforcement, his time hiding behind a computer to intimidate and harm others has come to an end.”
Sean Burke, Acting Special Agent in Charge of the FBI Atlanta, added:
“Cyber extortion is a growing threat, highlighting the critical need for organizations to prioritize cybersecurity. This sentencing is a testament to the FBI’s commitment to holding cybercriminals accountable, regardless of their location.”
Purbeck’s sentencing highlights the serious consequences of cybercrime, offering a measure of justice to his victims while sending a strong message to those who attempt to use technology for malicious purposes.