Jury convicts US man in iPad data breach case

Nov 21, 2012

A federal jury on Tuesday convicted a man of illegally gaining access to AT&T's servers and stealing more than 120,000 email addresses of iPad users including New York Mayor Michael Bloomberg and film mogul Harvey Weinstein.

Andrew Auernheimer, of New York, was convicted of identity theft and conspiracy to gain unauthorized access to computers. Each count carries a maximum prison sentence of five years.

Prosecutors said the former Fayetteville, Arkansas, resident was part of an online group that tricked AT&T's website into divulging email addresses, including those of Bloomberg, Weinstein, then-White House chief of staff Rahm Emanuel, who is now mayor of Chicago, and other celebrities.

The group then shared the addresses with the website Gawker, which published them in redacted form accompanying a news article about the breach, prosecutors said.

A second man arrested with Auernheimer early last year, Daniel Spitler, of San Francisco, pleaded guilty that June.

At the time of the arrests, U.S. Attorney Paul Fishman said there was no evidence the men used the swiped information for criminal purposes. But authorities cautioned that it could have wound up in the hands of spammers and scam artists.

According to court papers, the men used a computer script they called the iPad3G Account Slurper to fool AT&T's servers into thinking they were communicating with an iPad. The theft of the email addresses occurred in June 2010.

Prosecutors said at the time of Auernheimer's arrest that he had bragged about the operation in a blog posting and in an interview with CNET published online after the Gawker article. Court papers also quoted him declaring in a New York Times article: "I hack, I ruin, I make piles of money. I make people afraid for their lives."

Auernheimer, after he was charged and released on bail, had declined to comment.

iPad maker Apple Inc., based in Cupertino, California, referred questions to AT&T, which acknowledged a security weak spot on a website that exposed the email addresses. AT&T said the vulnerability affected only users who signed up for its 3G wireless Internet service and said it had fixed the problem.

Explore further: Putin signs law seen as crimping social media

1 /5 (4 votes)
add to favorites email to friend print save as pdf

Related Stories

Suspect in iPad data theft released on bail in NJ

Feb 28, 2011

(AP) -- An Arkansas man accused of stealing more than 100,000 e-mail addresses of Apple iPad users last year was released on bail Monday and will be prohibited from using the Internet except for work - which in his case ...

Suspect in iPad data theft remains jailed in NJ

Feb 23, 2011

(AP) -- One of two men charged with stealing more than 100,000 e-mail addresses of Apple iPad users remained jailed Wednesday after making his first court appearance in New Jersey.

Hackers obtain email addresses of iPad 3G owners

Jun 09, 2010

A shadowy hacking group obtained the email addresses of over 114,000 owners of Apple iPads by exploiting a vulnerability at US telecom giant AT&T, a Silicon Valley website reported on Wednesday.

FBI investigating AT&T iPad security breach

Jun 10, 2010

(AP) -- The FBI said Thursday that it is investigating a data breach at AT&T that exposed the e-mail addresses of more than 114,000 owners of the Apple iPad, including government officials.

Recommended for you

Putin signs law seen as crimping social media

8 hours ago

President Vladimir Putin on Tuesday signed a law requiring Internet companies to store all personal data of Russian users at data centres in Russia, a move which could chill criticism on foreign social networking ...

User comments : 0