Hacker sentenced for over three years after stealing iPad data

Hacker sentenced for over three years after stealing iPad data

Summary: After stealing the data of over 120,000 iPad users including NYC Mayor Bloomberg, one U.S.-based hacker has found himself in jail.

SHARE:
TOPICS: Apple, iPad, Security
4

A computer hacker has landed in jail for three years and five months after stealing data from iPads belonging to approximately 120,000 users.

hacker us sentence ipad users

Apple's iPad found itself the hacker's target through infiltrating the AT&T network, Reuters reports. Not only were normal United States citizens affected, but New York Mayor Michael Bloomberg, Harvey Weinstein and TV news anchor Diane Sawyer also bore the brunt of the attack.

After being sentenced in November by a Newark, New Jersey jury, 27 year-old Andrew Auernheimer was found guilty of one count of conspiracy to access AT&T Inc servers without consent, and one case of identity theft. The U.S. Justice Department had petitioned for a sentence of between three and four years as U.S. District Judge Susan Wigenton ruled that Auernheimer would spend three years and five months -- 41 months -- behind bars.

The hacker will also have to submit to three years of supervised release and was ordered to pay restitution of $73,162.

Auernheimer considered himself the head of "security research" hacking group Goatse Security, and as part of the exercise to shed light on the security of AT&T's servers, stole email addresses and other personal data before leaking the information to online media publication Gawker. Account data was obtained after creating an "account slurper" which then used brute force tactics against AT&T's servers to match email addresses with iPad 3G users on the network.

Daniel Spitler, 27, who was involved in the process, has plead guilty to the same charges and is awaiting sentencing.

"Andrew Auernheimer knew he was breaking the law when he and his partner hacked into AT&T’s servers and stole personal information from unsuspecting iPad users," U.S. Attorney Fishman said in a statement.

"When it became clear that he was in trouble, he concocted the fiction that he was trying to make the Internet more secure, and that all he did was walk in through an unlocked door. The jury didn't buy it, and neither did the Court in imposing sentence upon him today."

Auernheimer has previously sought probation and plans to appeal the ruling. Prosecutors say that the sentencing may deter hackers from invading people's privacy in the future.

Topics: Apple, iPad, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • What a bunch of FUD

    All Auernheimer did was to submit SIM ID numbers (which he generated randomly) and the AT&T servers would respond with a corresponding iPad user's email address. The email accounts were not accessed and no personal information was ever stolen. But apparently Auernheimer was a jerk about it and that's why the "justice" system screwed him over so badly. But in order to make this witch hunt work they had to consider email addresses to be "personal information", which is ridiculous. And they managed to get a bunch of jurors that are as ignorant about tech as Ms. Osborne obviously is.
    Anono Mouser
    • The computer illiterate are always in the wrong jobs

      I've been posting the same sort of response on forums and news sites. Only in America do we have people in authority positions to lead groups of people in a field where they have no knowledge or have no understanding on what their departments actually does. All this guy did was get a glimpse of the key that someone used to open their briefcase. He didn't steal the briefcase and he didn't steal the key and he didn't use the key to look in the briefcase. He used binoculars to see the key, which are available to anyone.
      mr.faketrix
  • Hacked Servers?

    As Anono says, these were public facing servers and he was giving random numbers to a public facing interface. Should he have done it? Having discovered the problem, he should have disclosed it to AT&T immediately.

    But the "justice" side of the equation seems well out of proportion with the offence.
    wright_is
  • iPad data

    for your our iPad devices, to find lost data, we can refer to pro tool from http://tinyurl.com/iPad-Mini-Data-Recovery It has helped me recover lost data on iPad.
    Jonier