US hacker Andrew Auernheimer has been sentenced to three-and-a-half years in prison for obtaining the email addresses of iPad users from AT&T's website.
Those affected by the breach in June 2010 included US military personnel, members of the Senate and the House of Representatives, and employees of Nasa and the Department of Homeland Security.
The 27-year-old Auernheimer was also ordered to pay $73,000 in damages to AT&T and to serve three years' supervised probation after his release, according to the Guardian.
In November 2012, he was found guilty of identity fraud and conspiracy to access a computer without authorisation.
Auernheimer was associated with Goatse Security, described as "a loose association" of hackers in the original complaint filed in federal court in Newark, New Jersey.
More on cyber law enforcement
- Two jailed in the UK for Anonymous cyber attacks
- UK cyber fraud gang jailed for selling identity theft kits online
- UK hackers admit stealing Michael Jackson tracks from Sony
- IT director jailed for hacking company website
- TJX hacker sentenced to 20 years in jail
- Man jailed for selling pirated software on eBay
Goatse claimed to have obtained the iPad user data through a script on AT&T's website, which it said was accessible to anyone on the internet.
Auernheimer gave the stolen data to a Gawker journalist in what he said was an effort to expose AT&T’s security flaws.
At the time, iPad carrier AT&T acknowledged the leak, but said the risk was limited to the subscribers' e-mail addresses, and that the vulnerability had been dealt with.