Criminal Charges Filed Against AT&T iPad Attacker 122
Batblue writes "The US Department of Justice will file criminal charges against the alleged attackers who copied personal information from the AT&T network of approximately 120,000 iPad users, the US Attorney's Office, District of New Jersey announced Monday.
Daniel Spitler will be charged in US District Court in New Jersey with one count of conspiracy to access a computer without authorization and one count of fraud. Andrew Auernheimer will be charged with the same counts at the US Western District Court of Arkansas, which is in Fayetteville.
Auernheimer made headlines last June when he discovered that AT&T's website was disclosing the e-mail addresses and the unique ICC-ID numbers of multiple iPad owners. Claiming that he wanted to help AT&T improve its security, he wrote a computer script to extract the data from AT&T and then went public with the information. AT&T said that nobody from Auernheimer's hacking group contacted them about the flaw."
Re:Let's get this straight (Score:4, Informative)
Claiming that he wanted to help AT&T improve its security, he wrote a computer script to extract the data from AT&T and then went public with the information.
Claiming to help? That is a great excuse there. They found a security hole in the system and instead of just reporting it to AT&T they pulled down private information which they did NOT have the right to access. In other words I left my front door unlocked, this doesn't give you the right to go in and snoop around and take my stuff, you CAN however report to me and the newspaper that my door is unlocked. That is why these "hackers" are in trouble. AT&T probably looked at the exploit and then realized not only was there a problem but the people reporting it took private and sensitive information, this then required them to go to the legal system because their liable for this. Most of these major companies have insurance to cover these types of incidents but unless they follow protocol the insurance might not pay out.
Also the article attached to slashdot is missing information. They also gave the private information to Gawker.
http://www.informationweek.com/news/storage/security/showArticle.jhtml?articleID=229000863&cid=RSSfeed_IWK_All [informationweek.com]
And in apparently chat logs exists of these "hackers" discussing to sell or use this information in an illegal way.
http://www.crn.com/news/security/229000878/feds-nab-web-trolls-in-at-t-ipad-hack.htm [crn.com]