Update: U.S. v. Robert Purbeck aka “Lifelock”

Long-time readers may recall that in 2017 and 2018, DataBreaches.net reported on hacks of two medical practices by someone calling himself “Lifelock.”

DataBreaches’ past reporting on him can be found in this July, 2017 post (see comments under the post), in two 2018 posts, and then a post in response to a press release from from DOJ concerning his arrest.

Lifelock, whose real name is  listed on court filings as Robert A. Purbeck, had first brought himself to this site’s attention by posting a comment under a post about a hack involving a California medical entity. DataBreaches had commented that the incident sounded like it could be the work of thedarkoverlord (TDO). In a comment in response to the post, “Todd Davis” began his comment with “I am the darkoverlord you speak of.”

Lifelock subsequently emailed DataBreaches. In that email, he said he wasn’t thedarkoverlord mentioned in the post and that he hadn’t realized that someone was using that as a name. He also provided the text of correspondence he had sent to the California victim.

In 2018, Lifelock contacted DataBreaches again. This time, it was because he wanted DataBreaches to report on (i.e., expose) a medical group in Michigan that had never notified their patients or HHS that he had hacked them and stolen patient data in 2016.

In reporting on Lifelock, DataBreaches reported that DataBreaches had noted some significant similarities between Lifelock and TDO, but both Lifelock and TDO had denied any connection between them when they had been asked.

In 2019, FBI agents from various regions reportedly served a search warrant and seized numerous devices from Purbeck’s home in Idaho. According to Purbeck’s court filings, they also questioned him for hours in the hot sun, allegedly trying to get him to tell them passwords to the devices and to get him to confess to being TDO. In his court filings, Purbeck claims that he repeatedly denied any knowledge of, or participation in TDO.  He also claims that law enforcement knew he wasn’t TDO. DataBreaches does not know the basis for that particular claim, but he also claimed that there was exculpatory evidence in email correspondence with DataBreaches. He was not specific about what he thought would be exculpatory.

It is important to note that when Purbeck was charged in the Northern District of Georgia for other hacks he allegedly committed, he was not charged with being TDO or even being part of TDO1.

Purbeck has faced significant challenges in defending himself against the criminal charges that include hacks of an unnamed medical clinic in Griffin, Georgia, the city of Newnan, patient data from a medical practice in Locust Grove, Georgia, and an orthodontist in Florida. He has a court-appointed federal defender, but he appears to be mostly pro-se for many filings for related litigation in Idaho, the Ninth Circuit Court of Appeals, and Northern California.

As far as DataBreaches can determine, Purbeck has not prevailed on any of his motions to have devices returned or evidence suppressed. He has had some success in motions requesting to compel discovery, including a motion for the government to turn over copies of the communications between him and DataBreaches (referred to as “Dissent” in the court filings).

In addition to prevailing on some discovery-related motions, some parts of civil suits Purbeck has filed against prosecutors, his employer, and named FBI agents have not been dismissed. As Purbeck recapped his situation in what appears to be a DM chat with Justin M. Shafer:

I can’t divulge much. But I was tortured by the FBI into confessing to an alleged federal crime and to divulge encryption passwords. I couldn’t get the police to take a report on the FBI agents so I sued the agents. Judge Winmill is allowing me to sue the agents for 4th amendment violations including torture and for sexual assault against one creeper agent for molesting my heat-stroked body. My former county employer is allowed to be sued under an obscure Supreme Court ruling from the 1960’s I found. And the head search agent violated the 9th circuit ruling that a warrant must be provided to the person searched. So he is allowed to be sued under federal law2.

Most Recent Development: The April 5 Motion in Northern California

On April 5, Purbeck filed an emergency motion in the Northern District of California. The motion, filed pro-se with a companion motion to seal, was filed as an “EMERGENCY MOTION for Return of Property Pursuant to Rule 41(g) for Flagrant and Deliberate Violations of Attorney Client Privilege3.”  Purbeck’s motion also alleged that the government had failed to use a “taint team” and read emails or material that was of a personal and/or sensitive nature and beyond the scope of the warrant. Having failed in other courts to get property returned or evidence suppressed, Purbeck had tried to claim that the Northern District of California had the authority to order the return of his property.

On April 19, without any response from the defendant (Merrick Garland) having been filed at all yet, Judge Vince Chhabria signed an order dismissing Purbeck’s motion for lack of subject matter jurisdiction. The order was not only somewhat harsh in its wording, but it went so far as to unseal most of Purbeck’s emergency motion, which resulted in personal and previously non-public information becoming public.

What Next in the Northern District of Georgia?

Meanwhile in the criminal case in the Northern District of Georgia, many of the filings remain under seal. Purbeck’s response to some filings was due on February 22. The docket does not indicate that any response was ever filed. At this point, it is not clear to DataBreaches what happens next in the Northern Georgia criminal case, but DataBreaches will continue to follow this case.

1 United States v. Robert A. Purbeck, Case 3:21-cr-00004-UNA. 

2 The quoted material was forwarded to DataBreaches by Justin Shafer, who seems to have reached out to Purbeck and then shared his communications with both this site and another person. DataBreaches did not request he contact Purbeck, and did not request he provide copies of Purbeck’s communications.

3 Robert Purbeck v. Merrick Garland, Case 3:22-mc-80091-VC.

Post-Publication Comment:

Post-publication, Justin Shafer, a man who at times has made utterly irresponsible and foolish comments like suggesting that DataBreaches is TDO or that DataBreaches is law enforcement, made a comment that DataBreaches was somehow posting this update as “damage control.” There is no need for any damage control, as there has been no damage or risk of damage to DataBreaches. But to be clear:

First: DataBreaches stands by its reporting that there are significant similarities between Purbeck and the first spokesperson for TDO.

Second:  DataBreaches mentioned Purbeck seeking and obtaining a court order to have the prosecution turn over copies of his emails with DataBreaches. That disclosure was made as a matter of journalistic ethics lest anyone think that might have any influence on bias or reporting. It doesn’t. DataBreaches has no idea what Purbeck thinks might be exculpatory in the emails, but he certainly has a right to get a copy of the correspondence if he thinks it’s helpful to his defense. Similarly, because DataBreaches has been very clear about finding striking similarities between Purbeck and TDO, this site also makes a point to emphasize that he has not been charged as TDO. That is not an attempt at “damage control.” That is just being fair in reporting, as this site has always been from the beginning with him.

Finally: If DataBreaches’s reporting contributed to law enforcement investigating Lifelock and eventually arresting him and charging him with even more hacks, then that doesn’t require “damage control.”


About the author: Dissent

Comments are closed.