Missouri Hacker Arrested for Hacking Businesses and Pitching Himself as a Security Consultant
In what sounds like the plot of a 90s hacker movie or a 2010s YouTube short, a Missouri man, 29-year-old Nicholas Michael Kloster, has been arrested after allegedly hacking into several businesses and offering to sell his services as a self-appointed security consultant. Kloster now faces federal charges, including accessing protected computers and other offenses, after his activities were uncovered by the FBI and Kansas City Police Department. The investigation paints a picture of audacious and often baffling crimes carried out by Kloster.
The story begins with Kloster allegedly hacking into a health club’s computer systems. Once inside, he emailed the business owner, offering his “security services,” claiming he could help protect their systems from other hackers, even though there is no evidence he had any legitimate security background. Kloster’s actions escalated quickly from just a simple pitch to a series of increasingly bold moves. In a moment of clear hubris, he posted a screenshot on social media showing himself remotely controlling the health club’s security cameras, making it clear that he had unauthorized access to the systems. The caption accompanying the post—”How to get a company to use your computer service”—appears to mock the business for not recognizing his “talent.”
The health club wasn’t Kloster’s only target, though. According to prosecutors, he also reportedly reduced his gym membership fee to just $1 per month, likely trying to ingratiate himself further with the health club’s management. But even more audacious was his ability to manipulate the gym’s database, where he erased his photo and took a staff nametag. These petty actions were coupled with an even more bizarre and unprofessional approach: instead of working his way into legitimate cybersecurity consulting, he began actively committing crimes that would later be linked back to him.
But Kloster’s misdeeds didn’t stop with the health club. He allegedly also broke into a nonprofit corporation, physically entering the building, accessing areas that were off-limits to the public, and using a boot disk to take control of the nonprofit’s systems. The ensuing password resets and the installation of a VPN reportedly caused the organization over $5,000 in damages. These activities, while not as “flashy” as his earlier posts, were no less serious and further solidified his criminal behavior.
What truly makes this story so puzzling is the fact that Kloster used his employer’s company credit card to purchase items for personal use, including a thumb drive that was marketed as a hacking tool. This was an incredibly risky move, one that directly linked him to his criminal activities. As investigators soon discovered, the thumb drive was advertised as a device capable of hacking into vulnerable computers, and it raised immediate red flags when used by Kloster.
Despite his apparent confidence in his hacking abilities, Kloster’s story proves that real-world cybercrimes, unlike those portrayed in movies, are not as easily executed—and they certainly don’t go unnoticed. His reckless actions eventually led to his arrest, and his attempt to position himself as a “security expert” backfired spectacularly. Now facing serious legal consequences, Kloster’s story serves as a reminder that attempting to hack your way into business opportunities doesn’t end with flashy social media posts or unrealistic movie plots. Instead, it leads to criminal charges, financial damage, and a ruined reputation.