The Australian Federal Police (AFP) has detained 24-year-old Matthew Flannery for his alleged involvement in a cyberattack against an Australian government website earlier this month.
Authorities say the investigation began after they had found that a government site had been “attacked and defaced.”
Known on the hacking scene as “Aush0k” of LulzSec, Flannery worked as a low-level support tech for IT security firm Content Security.
Authorities say the suspect was “in a position of trust within the company, with access to sensitive information from clients including government agencies.” However, the company’s representatives have told SC Magazine that the AFP’s statement is incorrect.
“He had no access to any type of customer data apart from support tickets. That will be cleared up with the AFP,” Phil Wurth, Content Security managing director, said.
Flannery has been charged with two counts of unauthorized modification of data to cause impairment, and one count of unauthorized access to, or modification of, restricted data. The maximum penalty for these crimes is ten, respectively two years in prison.
“Those thinking of engaging in such activities should be warned that hacking, creating or propagating malicious viruses or participating in Distributed Denial of Service attacks are not harmless fun,” Manager Cyber Crime Operations Commander Glen McEwen noted.
“Criminal acts such as this can result in serious long-term consequences for individuals, such as criminal convictions or imprisonment.”
Some reports named the hacker as the “self-proclaimed leader” of the LulzSec collective, but Anonymous Australia members claim that police are simply trying to make it appear as if they cracked a big case.
“I suspect some DDoS skid on his mum’s win box,” one member of Anonymous Australia wrote on Twitter.