A 21-year-old Minnesota man who used the alias Snoopy was sentenced to 18 months in prison for his role in the November 2022 DraftKings account hacking scheme, which prosecutors said compromised 60,000 user accounts and led to $600,000 in theft.
KEY FACTS
- Defendant Nathan Austad pleaded guilty in December 2025 to conspiracy to commit computer intrusion.
- Scope Prosecutors said the scheme compromised 60,000 DraftKings accounts.
- Theft Hackers added payment methods under their control to 1,600 accounts and stole $600,000.
- Sentence Austad also received three years of supervised release, plus forfeiture and restitution orders.
The platform is a fantasy sports and sports betting service where users can build teams of real athletes and compete for cash prizes. In November 2022, the company disclosed that attackers had used credential stuffing to reach customer accounts through weak or reused passwords.
At first, the company said less than $300,000 had been stolen from affected customers. A month later, it said 67,995 customer accounts had been compromised in the incident.
U.S. authorities charged Joseph Garrison in May 2023 for his role in the scheme and said he and others sold access to hacked accounts through online marketplaces such as Goat Shop. In January 2024, prosecutors charged additional suspects, including Kamerin Stokes and Austad.
The U.S. Department of Justice press release said Austad ran a shop named after Snoopy from the Peanuts comic strip and controlled and profited from it. It said his cryptocurrency accounts received about $465,000 in assets, but did not disclose the total amount earned from sales of account access.
Garrison received an 18-month prison sentence in January 2024, while Stokes was sentenced to 30 months in April 2026.
WHY IT MATTERS
The case shows how credential stuffing attacks can turn reused passwords into large-scale account takeovers and financial losses. It also illustrates how account access can be sold through online marketplaces long after the initial intrusion.