AN internet hacker who led an attempt to scam up to £1million from the high street chain Next by using the “dark web” has been jailed for 18 months.

Edward Mullen, 30, from Glasgow, was the ringleader of a fraud that involved selling on and using details of hacked accounts belonging to hundreds of genuine customers. The account details were gained by Mullen, who then made them available on the “dark web”, which is not visible to normal users.

The information netted the scammers tens of thousands of pounds of goods from the clothing and homeware giant, before they were caught.

Leicester Crown Court heard people who bought goods using the illegally obtained information were then encouraged to post pictures of their “spoils” online to “advertise and promote” the fraud. Matthew Lowe, prosecuting, said the scam was perpetrated across the UK against Next, whose headquarters are in Leicestershire.

Details were sold on to other fraudsters via Facebook closed groups for between £25 and £80, depending on the amount of credit on the account. They were accompanied by instructions on how to commit the fraud to obtain goods and avoid detection by concealing their internet IP address.

In total, some 280 accounts were identified as being affected.

The amount of available credit on those accounts was almost £1m, although the value of the transactions attempted was £239,681, and the actual amount of goods fraudulently obtained was £64,000.

The fraudsters would collect the items rather than having them delivered, often using bogus proof of identity documents, such as forged utility bills.

Leisha Johnstone, 25, a mother-of-two from Annan, Dumfries and Galloway, was also one of the main players selling the information.

Mullen, Johnstone, and three others pleaded guilty to conspiring together and with unknown others to defraud Next Plc, by obtaining and providing customer account log-in details that were advertised for sale, via Facebook, purchasing the log-in details, accessing customer accounts, changing client contact details and placing orders for items via the hijacked accounts, between October 2015 and April 2016.

Sentencing, Judge Nicholas Dean, QC, said: “What lies behind this is extremely simple to state; it’s greed. All of you saw an opportunity to make easy and, you thought, risk-free money – at the expense of Next Plc.It wasn’t sophisticated, but it was persistent.

“The losses were not insignificant, but the potential losses were very significant. I must take into account the impact upon the victim in this case – Next plc.

“Although the actual loss does not strike me as being very considerable for that very large company, the reputational loss is incalculable.”

Judge Dean told Mullen: “You were the source of all of these stolen details, the top of the tree.”

Johnstone was sentenced to 12 months in prison.

A Next Plc spokesman said: “We are pleased our customers suffered no financial loss and we were able to act very quickly.”