Hacker gets 41 months in the slammer for stealing personal data of 100,000 AT&T Apple iPad customers

Hacker gets 41 months in the slammer for stealing personal data of 100,000 AT&T Apple iPad customers
Andrew Auernheimer, better known by his online handle 'Weev', was sentenced to 41 months in federal prison for illegally obtaining the email address of 114,000 AT&T customers in 2010. The list contained the contact information of those who had purchased the Apple iPad from the carrier. Immediately after sentencing, the 'Weev' was remanded to prison. In November, he had been found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization. Upon his release from prison, he will face 3 years of supervised release. Auernheimer and co-defendant Daniel Spitler (who plead guilty in 2011) were also ordered to pay $73,000 in restitution to AT&T. Prosecutors pre-sentencing report had recommended that Aurenheimer be held in prison for 48 months.

A security researcher, Aurenheimer discovered a flaw in the website used by AT&T to sign up customers for 3G service for the Apple iPad. Before his sentencing, he held a impromptu press conference at the courthouse steps and said, "I'm going to jail for doing arithmetic." He also spent his last hours of freedom, at least for now, answering a Reddit aMa where he was greeted with a hostile reaction. "Everybody who thinks weev is some kind of hero is getting played by a sadistic sociopath who has spent most of his adult life anonymously inflicting misery on people as entertainment," said one person. Others cited the fact that he did not break into a private server to protest the sentence.

Aurenheimer will appeal his conviction and vowed not to let AT&T off so easily next time.

source: TheVerge via Slashgear

FEATURED VIDEO

19 Comments

1. tech2

Posts: 3487; Member since: Oct 26, 2012

Alan, you are missing a zero in 100,000 in the title :)

10. Alan01

Posts: 619; Member since: Mar 21, 2012

Thanks for nothing...get it! Nothing, Zero, Ah....Thanks! Alan F.

12. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

OMG, I totally get it. I haven't laughed so hard since Windows Mobile changed its' name to WP and claimed not to be a mobile Operating System. Or, like when Apple released the upgrade iPad 2 and called it "New iPad". Or, like when CBS thought Ashton Kutcher could replace Charlie Sheen. [Let me wipe the puddle I just made]

3. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

It certainly would've been a much harsher punishment if they had sentenced him to using an iPad on AT&T for six months; if you ask me, he got off easy in the penn'. Now he'll just work on his revenge aka his "masterpiece".

5. darkkjedii

Posts: 31102; Member since: Feb 05, 2011

The sad part is that you really think that too.

13. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

I not only think it but, I know it first hand. Ergo: AT&T; Cincular; AT&T.

14. darkkjedii

Posts: 31102; Member since: Feb 05, 2011

C'mon pap

16. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

okay, AT&T has wonderful service; the best in the world!

6. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

I doubt that Andy is going to have access to computers or the Internet while on his 'vacation'. Perhaps he may get to take up tennis or basket weaving? Although with his attitude, he may have some experiences he would rather not repeat on the outside.

17. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

Dude, look at him, I doubt anyone is that desparate! I'm not against gay marriage but, that would just be wrong.

7. Droiddoes unregistered

How sad. He would've done far less time, if any, for molesting a kid. America.

8. 14545

Posts: 1835; Member since: Nov 22, 2011

Can someone explain why att should be paid the restitution and not the customers? Screw att and this decision. It's att fault that the data was compromised. If restitution should be paid, it should be paid to the individuals that had their data compromised, NOT ATT. Idiot prosecutors.

9. darkkjedii

Posts: 31102; Member since: Feb 05, 2011

Agreed

11. pixelado

Posts: 130; Member since: Feb 16, 2013

Agreed, it's like Sony asked for money after getting raped by hackers back in 2011. They took the blame for having weak security and rewarded affected customers.

15. darkkjedii

Posts: 31102; Member since: Feb 05, 2011

That's Nobel

18. ohiwastedmylife

Posts: 17; Member since: Jul 04, 2012

All he did was build a script that would aggregate all the publicly available web pages and store the information found on each page in a database. There was no actual hacking and it was all on public domains that anyone could access. AT&T should be responsible for not having a secure website and openly displaying customer's information. Since when is caching or storing a webpage or information on a webpage that is open illegal? Im sure if we had direct url links we could google them and find individual cached pages which still show the data.

19. hypergreatthing

Posts: 44; Member since: Jun 13, 2012

summary is incorrect. AT&T had sensitive information on a public website. He merely collected it and sent it to a news agency to shame AT&T to fix it. Stolen? Exactly how was anything stolen? Illegally obtained? How in the hell do you get that? The implications of the laws applied would make it so that anyone using the internet is illegally obtaining information and applicable to the same sort of crime this guy committed. You should really read up on this case because it's completely assinine.

20. ZeroCide

Posts: 814; Member since: Jan 09, 2013

So True!!!!

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.