US hacker jailed for 3.5 years over AT&T breach

Cyber crime prevention

US hacker jailed for 3.5 years over AT&T breach

Warwick Ashford

US hacker Andrew Auernheimer has been sentenced to three-and-a-half years in prison for obtaining the email addresses of iPad users from AT&T's website.

Those affected by the breach in June 2010 included US military personnel, members of the Senate and the House of Representatives, and employees of Nasa and the Department of Homeland Security.

The 27-year-old Auernheimer was also ordered to pay $73,000 in damages to AT&T and to serve three years' supervised probation after his release, according to the Guardian.

In November 2012, he was found guilty of identity fraud and conspiracy to access a computer without authorisation.

Auernheimer was associated with Goatse Security, described as "a loose association" of hackers in the original complaint filed in federal court in Newark, New Jersey.

Goatse claimed to have obtained the iPad user data through a script on AT&T's website, which it said was accessible to anyone on the internet.

Auernheimer gave the stolen data to a Gawker journalist in what he said was an effort to expose AT&T’s security flaws.

At the time, iPad carrier AT&T acknowledged the leak, but said the risk was limited to the subscribers' e-mail addresses, and that the vulnerability had been dealt with.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy