The first virtual currency crime: hacker jailed after $12m Zynga theft

Last week a hacker faced a substantial prison sentence after pleading guilty to stealing approxmately $12 million worth of Zynga chips, a virtual currency used in its poker game.  This is big stuff (more on that below).

I spoke with Develop about this fascinating development – here’s their article:

“An IT businessman is facing a substantial prison sentence after pleading guilty to stealing around $12 million in online game currency.

Ashley Mitchell, 29, based in the Devonshire costal town of Paignton, admitted to hacking into the accounts of social gaming giant Zynga.

He transferred around 400 billion virtual poker chips into his account and began selling the currency on the black market. He had made £53,000 before his arrest.

Mitchell stood to make around £184,000 from the chips, the court heard, though Zynga’s sale value of the currency is $12 million.

Judge Philip Wassall said Mitchell faced a substantial jail term for the offences, according to regional paper Herald Express.

Mitchell was remanded in custody after the case was adjourned for reports.

Digital economy

The actual value of Zynga’s intangible and instantly replicable online currency sparked a debate in court.

Prosecutor Gareth Evans said Zynga had not been, in essence, deprived of any goods. He claimed there may be a knock-on effect as more customers bought the poker chips on the black-market instead of paying Zynga.

Judge Wassell asked if the case was any different from stealing notes from the Royal Mint – the UK’s body that manufactures British currency.

Prosecutor Evans replied that, in theory, there was no difference because the mint can produce more currency if its goods were stolen.

He said there is, however, a difficulty in valuing the chips because they are digital. But if Zynga had sold them legitimately the value would have been around $12 million.

Jas Purewal, lawyer and author of Gamer/Law, explained to Develop that the case has set a new precedent.

“This shows that the legal regulation and protection of virtual goods and currency, which historically has been fairly uncertain, is evolving fast – driven partly by the boom in virtual goods sales in games.

“This case is particularly interesting because it involved a UK court recognising virtual currency – in this case, Zynga chips – as legal property which can be protected by existing UK criminal laws.

“The court effectively found that, even though virtual currency isn’t real and is infinite in supply, it still can deserve legal protection in the same way as real world currency”.

Purewal said the case is a “vindication” for Zynga and other virtual goods providers.

Hacker record

Judge Wassell heard that Mitchell’s offences were in breach of a previous suspended sentence he was handed in 2008.

Mitchell had previously been convicted of hacking into the Torbay Council website and changing his personal details.

Defence solicitor Ben Derby said as a plea in mitigation that Mitchell had been “wrestling with a gambling addition” at the time of the Zynga theft.”


As I said to the Develop guys, this case really does seem to break new legal ground.  For the first time (so far as I’m aware anyway) in the West, a court has looked at virtual currency and seemingly accepted on relatively little argument that it can be classified as ‘property’ within the meaning of (UK) criminal laws (though NB I can’t state definitively the the court found virtual goods = property, because we don’t have the court transcript).

So what?  Well, as longtime readers will know, I’ve been exploring for some time the legal status of virtual goods, which I think is going to come under significant pressure from different directions in the next few years.  The key issue is whether virtual goods are ‘goods’ (i.e. property) or whether they are services or something else.  If they are property, then in principle they could be bought/sold/assigned etc – which goes way beyond the way in which virtual goods are currently dealt with.

Until now, there has been relatively little by way of official analysis of this issue – which is why this case, where a judge seemed willing to convict a man based effectively upon theft of a virtual currency – is significant.

We may not hear much more about this particular development (except possibly when the man is actually sentenced) but this is definitely not the last we’ve heard about the interaction between games, virtual goods and the criminal law (in fact, I might even write a piece on that next month!)  As always, watch this space…

Follow us at or subscribe to our email updates here

Take-Two sues former executives in stock backdating lawsuit

Take-Two, the US-based games publisher, can proceed with a lawsuit against some of its former key executives regarding alleged illegally backdated stock options, following a Manhattan federal judgment yesterday.

Reuters reports that former Chief Executives Ryan Brant and Kelly Sumner and former Chief Financial Officers Larry Muller and James David will now have to defend claims alleging securities fraud based on option grants awarded after July 12, 2001.


Back in 2006, Take-Two announced that the US Securities and Exchange Commission was going to investigate certain of its stock option grants since 1997.  In a nutshell, a stock option grant is an offer to a person (typically to a company executive or senior employee) to buy company shares at a specified price.  The investigation formed part of a wider enquiry in the US as well as the UK regarding the legality of backdated stock options at hundreds of companies.  This led to the discovery of fraud and illegal back-dating of stock options by (now former) Take-Two executives. 

Backdated stock-options for dummies:

To explain: it is possible to take a stock option and back-date it, generally to a time when the company shares were worth less, thus instantly making the stock option more valuable if the company’s shares have performed well at the point at which the option is exercised. 

Basic example: a stock option is granted to an executive in 2007 when the shares are worth $10 but is backdated to 2003 when the shares were worth $2.  If the shares are worth say $20 now in 2010, the executive will make a lot more money by having the option back-dated to 2007 (then the profit is $20-$2 = $18 per share), compared to the profit to be made if the true 2007 price was used (then profit would be $10 – $2 = $8 per share). 

The perceived dangers with backdated stock-options are that they can artificially inflate company earnings and share price, as well as being seen poorly by shareholders and potentially the market.  That said, backdating share options is generally not illegal per se, provided the legal formalities (in particular, disclosure to the regulator and approval by the company) are complied with. 

What happened next:

The SEC discovered that Take-Two had not complied with the proper formalities, had filed false information to the SEC, and that the former executives – in particular the former CEO Rob Brant – had acted fraudulently in concealing the backdating of the stock options.

In 2007, Rob Brant pleaded guilty to a SEC criminal prosecution regarding the backdating and agreed to settle a civil lawsuit over the same issues.  Other former Take-Two executives also pleaded guilty in parallel criminal prosecutions.

In April 2009 (according to Reuters) Take-Two paid $3m to the SEC to settle its part in the backdated stock options scandal.

The current lawsuit:

It now transpires that Take-Two shareholders have pressed ahead with separate civil claims for compensation against the former executives, and further that Take-Two has now taken over these claims itself.  So, instead of the Take-Two shareholders claiming compensation from the former executives, the company itself is now pressing the claim.

Although the Reuters article doesn’t state so specifically, the fact that the judge ruled that some of the claims can proceed whereas others cannot suggests that the former executives may have gone to court to have some of the claims against them thrown out for being out of time (all legal claims have a ‘limitation period’ of time during which they must be commenced or otherwise will be forfeited, e.g. breach of contract claims generally have a six year limitation period).  In the event, the judge did rule that some of the claims could proceed whereas others were indeed out of time.

Reuters was not able to obtain a comment from Take-Two but no doubt one will be forthcoming sometime soon.  Hopefully, at that point Take-Two will be able to clarify exactly what claims it is bringing against the former executives and what is the value of these claims.

Going forward, it will now fall to Take-Two to press ahead with its legal claims against the former executives, so we’ll be sure to hear more about this in the future.  We’ll write a follow-up post once further information (and hopefully the Court documents) become available.

[Image credit: Take Two Interactive]

Follow us at or subscribe to our weekly email newsletter here

Should Griefing Be Criminalised?

I just read a paper by Leslie Garfield, a Professor of Law at Pace University in the USA, about whether intentional infliction of emotional distress over the internet (e.g. cyber-bullying) should be criminalised.  This has got me thinking – should griefing be criminalised too?

Follow us at or subscribe to our weekly email newsletter here