ORONO, Maine — Imagine every keystroke you’ve entered into your computer — every credit card number, every password, every instant message — was being watched and recorded, unbeknownst to you, by someone else.
That’s what University of Maine police are alleging former UMaine business student James Wieland did to around 200 UMaine e-mail accounts for at least the past 15 months.
Wieland, who turns 27 on Friday, was arrested Wednesday afternoon at his apartment in Lewiston and was charged with one count of aggravated criminal invasion of computer privacy, UMaine spokesman Joe Carr said Thursday.
The charge is a Class C felony, which could draw up to five years in prison and a fine of up to $5,000.
Wieland is facing felony charges rather than a misdemeanor charge because of the nature of the crime, said Noel March, UMaine director of public safety.
UMaine police have dealt with computer invasion of privacy issues before, March said, but nothing with this scope.
“It may sound like someone hobbying, but I’ll tell you this, in this day and age … [identity theft] is in fact a very insidious, a very damaging crime and one that is very difficult to unravel,” March said.
Wieland apparently sent e-mails to 1,083 addresses through the university’s First Class system and gained access to more than 200.
The number of affected computers could rise after the Penobscot County District Attorney’s Office examines the evidence in the case. The Maine State Police’s Computer Crimes Task Force has seized Wieland’s computer equipment.
Depending on what investigators find in the coming weeks, Wieland could face more charges when he appears in Penobscot County Superior Court in Bangor on Jan. 30. He was taken to Androscoggin County Jail and is free on $240 cash bond.
Officer Bill Mitchell of the UMaine police served as the lead investigator and was present for Wieland’s arrest. Wieland was shocked, Mitchell said, but “very cooperative.”
So far, March said, there have been no reports of concerns related to identity theft. Police do not know Wieland’s motivation.
The investigation started last month when two UMaine students on an airplane together received e-mails from each other during their flight.
When they realized that scenario was impossible, one of the students told university officials about the suspicious e-mail.
A three-week investigation ensued as the UMaine police worked with state police, the university’s Department of Informational Technologies, the Secret Service and the Lewiston police, to investigate and arrest Wieland.
The Secret Service was involved because of the possibility that the crime goes beyond state borders.
“We don’t yet know the geographic extent of this particular case,” March said.
March likened the system by which Wieland allegedly gained access to First Class accounts to a Trojan horse because the e-mails Wieland allegedly sent out had addresses known to the recipient.
Police believe this is how Wieland gained access to an increasing number of accounts and was able to expand the number of addresses from which he could send messages.
He apparently sent students an e-mail that contained an attachment. That attachment was a keystroke logging program which when downloaded can read and record all of the keystrokes used on a computer. The program has the ability to log everything, including e-mail passwords, credit card numbers and personal information.
“It’s discouraging, because we have 21,000 accounts on the system,” said John Gregory, UMaine executive director of information technologies. “The system is very secure. This was not a penetration of the system itself. It’s a penetration of that one-on-one human trust where, I’ll trust you, so I’ll look at what you sent me, and then it spread.”
The software is easily purchased online. It is often used, for example, by parents who want to keep track of their children’s online activities. It also is used in police investigations in the same manner in which a telephone wiretap might be used.
Investigators believe Wieland started this activity around August 2007 and possibly even years before, and it continued until this week.
Wieland, who studied business at UMaine from 2000 until spring 2008, recently was hired as development director of Trinity Catholic School in Lewiston, according to an Oct. 9 story in the Lewiston Sun Journal. In early 2002 Wieland founded Optec Industries, which started as a Web design and photography business, according to information on the company’s Web site, and then expanded into security consulting among other business areas.
On the Optec Web site, he described himself as a musician and martial arts expert. He said he’d lived on both coasts and went to high school in New Hampshire.
Wieland resigned as development director of Trinity School after his arrest, said Sue Bernard, spokeswoman for the Roman Catholic Diocese of Portland.
Wieland’s biography also states he earned degrees in business management and marketing. Carr said Thursday that Wieland never earned a degree from UMaine.
He was born in Corning, Calif., and graduated from high school in Conway, N.H., according to the Sun Journal story.
The University of Maine notified Wednesday those believed to be affected by the computer program. A separate message about the situation went out to the entire UMaine community.
Robert Dana, University of Maine vice president for student affairs and dean of students, said his office has fielded dozens of calls from students who feel “very violated and upended” by the computer breach.
“It’s important to realize that a computer is a wide-open portal to the World Wide Web, and you’ve got to treat it like you treat yourself or your home,” Dana said. “You’ve got to protect it, and sometimes we’re very lackadaisical about that as a society.”
As word of the incident spread through campus Thursday, students said they were a little shaken by the news.
“It’s kind of odd to think someone was doing that,” said second-year student Matt Davis of Sabattus, who was playing a game on his laptop computer in the Memorial Union. “I’m not going to open anything, especially over First Class, if I don’t know who it’s from.”
If you suspect your computer has been infected, go to http://itinfo.umaine.edu to run a detection tool and removal software or call the IT help line at 581-2506 for more information. Those who are concerned they have been affected also may call the office of Robert Dana, vice president for student affairs and dean of students, at 581-4016.