Man Found Guilty of Hacking AT&T, Stealing Details of 120,000 iPad Owners

He revealed that he would appeal the jury's decision

By on November 21st, 2012 09:00 GMT

On Tuesday, 26-year-old Andrew Auernheimer was found guilty by a New Jersey federal court of conspiracy to access a computer without authorization and identity fraud. The man is suspected of hacking into an AT&T website and stealing the personal details of around 120,000 iPad owners.

The jury reached this verdict in just a few hours, Wired informs.

Back in 2010, Auernheimer and his accomplice, Daniel Spitler, both part of Goatse Security, found a security hole in AT&T’s website which allowed them to obtain email addresses and ICC-ID unique identifiers used to authenticate SIM cards.

They utilized a script to harvest the details of around 120,000 iPad owners who used their devices through AT&T’s 3G network.

New York’s mayor, White House officials, NASA representatives and several members of the media were among those affected.

According to prosecutors, the two didn’t notify AT&T, the company insisting that it learned of the incident from one of its customers.

Auernheimer and Spitler – who already pleaded guilty last year – claimed that their main concern was the safety of AT&T customers whose details had been exposed.

However, authorities found out that their actual goal was to promote themselves and the Goatse Security group, and to ruin the wireless carrier’s reputation.

This assumption is partly based on 150 pages of chat logs obtained by an informant from IRC channels. It’s also backed up by a letter sent by Auernheimer to the US attorney’s office in New Jersey, in which he insisted that AT&T should be held accountable for “their insecure infrastructure as a public utility.”

After hearing the verdict of guilty, Auernheimer revealed on Twitter that the outcome was expected.

“We went in knowing there would be a guilty here. I’m appealing of course,” he wrote.

Comments