Hotel Hacker Faked His Own Death by Hacking Into State Death Record Systems

A man who was arrested for hacking the customer database of Marriott Hotels faked his own death to possibly avoid getting caught by authorities. 

Jesse Kipf was arrested last month for breaching the networks of a few companies and states. He even accessed the health department systems in a few states to register his own death certificate, Forbes reported.

The reason behind Kipf faking his own death remains unknown, but Forbes reported that it might be one of his attempts to avoid being caught by law enforcement.

Kipf hacked into the networks of Guest-Tek Interactive Entertainment and Milestone Inc. — two companies that Marriott Hotels uses to provide internet access to its guests, according to the U.S. Attorney’s Office Eastern District of Kentucky.

Kipf hacked into Guest-Tek Interactive Entertainment on February 12 and breached Milestone Inc. on June 21.

He previously told the FBI that he sold the personal data of Marriott hotel guests on a Russian forum, Forbes reported, citing a search warrant it obtained.

The justice department recently unsealed Kipf’s indictment, stating charges against him related to identity theft, computer fraud, and hacking into several networks, including death certificate systems operated by Arizona, Hawaii and Vermont.

Authorities caught Kipf after he used his personal IP address to access Hawaii’s health department’s computer systems in January to register his own death certificate, claiming COVID as the cause of death, according to Forbes. He also sold access to the department’s system.

Kipf admitted to prosecutors, after being arrested in July, that he hacked into death records systems across Connecticut, Hawaii, Tennessee, Vermont, and Arizona. He claimed that he was testing how the servers there, except Hawaii, could be easily breached.

Officials in Vermont told the FBI that a death certificate in Kipf’s name was registered in May, but a spokesperson for the state’s health department told Forbes that no data was accessed.

The Attorney’s Office said that Kipf was able to view state constituent and business client personal information when he breached the networks of those states and companies.

“Kipf was also charged with attempting to sell the credentials he used to access these protected networks,” the attorney’s office added.