Heidi Richards, 52 (or Heidi Shaffer, Heidi Hastings, or Heidi Williams, depending on who you ask), has been sentenced to 22 months in prison for trafficking thousands of stolen Microsoft Certificate of Authenticity (COA) labels through her Florida-based e-commerce brand, "Trinity Software Distribution", alongside a $50,000 fine for that company.
Basically, those COA labels are small stickers issued by Microsoft to OEMs verifying that a copy of its software is genuine. They feature a unique product key code used to activate the software or the entire operating system.
The only authorized method of downstream distribution for a Windows OEM COA is affixed to the computer on which the software was installed or with the complete, sealed OEM package, including the COA label and license. The labels may not be sold on a 'standalone' basis, separated from the software they were intended to authenticate.
Heidi Richards indictment
Interestingly, Richards instructed her employees to manually extract the product key codes and enter them into Excel spreadsheets, which feels like a particularly ironic slip-up in the scheme.
Between July 2018 and January 2023, Heidi and her accomplices purchased tens of thousands of these genuine Windows 10 and Microsoft Office COA labels from a Texas company, spending millions of dollars while remaining far below the implied retail profits. The extracted keys were then sold to customers worldwide, amassing $5,148,181.50 between 2018 and 2023.
Join us on Reddit at r/WindowsCentral to share your insights and discuss our latest news, reviews, and more.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
