A Michigan software engineer was just sentenced to five years in prison after being convicted of stealing and trying to sell the personal records of more than 100,000 people.

He stole the information while working as a software consultant for a Wisconsin insurance firm and then tried to sell the records on the internet under an assumed name. Too bad one of his customers turned out to be an undercover Secret Service agent.

The stolen information included everything need to launch a massive identity theft, including names, addresses, and social security numbers. So how much was each stolen identity worth to this thief? Less than 70 cents.

The thief was convicted of identity theft, wire fraud and other charges, and also required to repay the breach notification costs of the insurance company, more than half a million dollars.

What I'd like to know is how he was caught. Did the insurance company detect the breach and report it to police, or did the Secret Service come across this thief as he tried to sell the information?