Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security

January 18th, 2011, 16:55 GMT · By

AT&T iPad User Data Hackers Face Criminal Charges

SHARE:

Adjust text size:

Goatse security AT&T iPad hackers charged with criminal offenses
Enlarge picture
Two hackers who exploited a flaw on AT&T's website to extract the email addresses of 120,000 iPad owners were charged with fraud and conspiracy to access a computer without authorization.

CNN reports that Andrew Auernheimer, 25, of Fayetteville, Arkansas, and Daniel Spitler, 26, of San Francisco, California, were arrested on Tuesday morning by the FBI.

Back in June 2010, the two men took advantage of a security vulnerability on the AT&T website to harvest the email addresses of iPad 3G owners.

The security issue was not technically difficult to exploit. It consisted of a publicly available script which, if provided with an iPad ICC-ID, returned the email address associated with it.

The hackers created a script that randomly tried ID numbers and managed to recover over 120,000 email addesses, some of which belonged to high profile individuals.

New York City Mayor Michael Bloomberg, former White House chief of staff Rahm Emanuel and Hollywood producer Harvey Weinstein were amongst the victims.

The criminal complaint describes the men's actions as a brute force attack against AT&T's services which had the intention of causing monetary losses to the company and damaging its reputation.

The hackers argued that they did not profit from the compromise and stressed that they only did it in order to raise awareness about the vulnerability.

It's worth noting that Auernheimer and Spitler initially reported the exposure of 114,000 emails and associated iPad ICC-IDs, but the official complaint notes over 200,000.

In November 2010, after learning that a case was being built against him, Andrew Auernheimer, aka weev, wrote an open letter to New Jersey Assistant U.S. Attorney Lee Vartan.

In it, he claimed that the searching of his home was unjust and said that the government should work together with his group of hackers instead of trying to prosecute him.

"AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers over the rights of shareholders," he said in the letter.


1,322 hits · 1 comment
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Two Former UCM Students Indicted Following University Hacking Spree
Sony Takes PS3 Hackers to Court
Miley Cyrus' Email Hacker Arrested for Possession of Stolen Credit Card Details
High Profile Twitter Hacker Arrested in France

READER COMMENTS:


Comment #1 by: James on 19 Mar 2013, 19:37 UTC reply to this comment

Yea, there was no hacking involved. We have a computer illiterate judge. Actually, I'm going to use "stupid" to describe the situation because it invokes emotion. We have a computer stupid judge and a computer stupid jury deciding the punishment on a situation they don't even understand.

Only in America do we have people in authority positions to lead groups of people in a field where they have no knowledge or have no understanding on what their departments actually does. All this guy did was get a glimpse of the key that someone used to open their briefcase. He didn't steal the briefcase and he didn't steal the key and he didn't use the key to look in the briefcase. He used binoculars to see the key, which are available to anyone.

Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use