Hacker Andrew Auernheimer was convicted by U.S. District Court in New Jersey on Tuesday for accessing a computer without authorization and fraud in connection with personal information. Auernheimer tweeted that the verdict was expected’ “I’m appealing of course,” he wrote. He could face up to 10 years of imprisonment.
Auernheimer and Daniel Spitler of San Francisco were charged last year for unauthorized extraction of the personal information, email addresses and ICC-ID of the iPad users by using “iPad 3G account slurper”, an automated scripting tool. The ICC-ID is a unique identifier used to authenticate the SIM card in a customer’s iPad to AT&T’s network. It included the email addresses and information of prominent businessman and political leaders. Some of them are New York City mayor Michael Bloomberg, former White House Chief of Staff Rahm Emanuel, and top executives at Dow Jones.
AT&T Inc. (NYSE:T) provides Internet access service to some of the iPad users. The customers needed to provide their personal data including e-mail addresses while opening an account. AT&T Inc. (NYSE:T) linked the user’s e-mail address to the ICC-ID, and each time the user accessed the AT&T website, the site recognized the ICC-ID and displayed the user’s e-mail address.
The security group, Goatse Security, that hacked about 114,000 email addresses of iPad users from exclusive service provider AT&T Inc. (NYSE:T) also claims that all iPads are a security risk to their owners. Such a claim from the group comes a week after an apology letter sent by AT&T to its iPad customers, for the security breach.
“When we disclosed this, we did it as a service to our nation,” wrote Escher Auernheimer of Goatse Security. “We love America and the idea of the Russians or Chinese being able to subvert American infrastructure is a nightmare”.
However the group said that it contacted the AT&T Inc. (NYSE:T) and conveyed information about the breach so that the company could fix the problem and save the customers from loosing on their confidential information to hackers. Contrary to Auernheimer, AT&T Inc. (NYSE:T) maintained that it got the information from a business customer and not from the Goatse group.
Auernheimer later sent an e-mail to the U.S. attorney’s office in New Jersey, blaming AT&T Inc. (NYSE:T) for exposing customer data, authorities say.
“AT&T Inc. (NYSE:T) needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders,” he wrote, according to prosecutors. ”I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted, and your teachers for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure”.
However, the prosecutors believes, that the groups intentions went beyond concern about the security of customer data.
