Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Hacker Pleads Guilty in AT&T iPad Breach

Daniel Spitler pleaded guilty Thursday to two felony charges related to the publishing of 120,000 AT&T customers' email addresses on Gawker.com. One other member of hacking group "Goatse Security", Andrew Auernheimer, was charged as well and is still in plea bargain negotiations. Spitler's plea agreement recommends a 12-18 month sentence.
According to reports and court filings, they wrote a script that guessed the ICC-ID numbers (used to identify the iPad's SIM card) and then queried AT&T's website until it returned an e-mail address. Spitler had been accused of co-authoring this software, called "iPad 3G Account Slurper."
The original breach occurred in June of last year. The hackers discovered a security hole on AT&T's website that allowed users to plug in a SIM card identifier called an ICC-ID, and receive back the email address connected to that SIM card.

More than 114,000 email addresses were disclosed including the personal email addresses of a number of high-profile political and business figures, though it appears no actual damage occurred beyond the exposure of the email addresses.

Top Rated Comments

(View all)

37 months ago

Remind me again what AT&T got for this? Oh, that's right. A slap on the wrist.


It's also easy to steal merchandise in a store, why would a store get punished when someone steals from them?

AT&T got more than a slap....bad PR is hard to recover from.

Hackers are criminals. They should realize that.
Rating: 10 Positives
37 months ago
I bet he didn't think he'd spend time in prison when he did it.
Rating: 5 Positives
37 months ago

I wonder how many job offers he's received because of this. :rolleyes:


Zero. Hacking doesn't exactly take a genius, and it shows lack of morals and in this case lack of good judgement. Getting caught makes it worse. Not exactly what recommends you to any employer.

Look at it like this: If I did something bad that costs a customer lots of money, my company will say "well, we couldn't expect that; he came well recommended, had no complaints about him for years; no idea why he suddenly sold your customer data to a competitor; not our fault". If a convicted hacker did the same thing, my company would be in deep trouble, because any jury would say that the damage is their fault for hiring a known criminal.
Rating: 4 Positives
37 months ago
I wonder how many job offers he's received because of this. :rolleyes:
Rating: 4 Positives
37 months ago

Remind me again what AT&T got for this? Oh, that's right. A slap on the wrist.


Did they even get a slap for this?

What did the guys plead guilty to anyway? It sounds like all they did was download info AT&T made available on their site. It AT&T had put all that info in a single txt file would downloading it have been a crime?
Rating: 4 Positives
37 months ago
Am I the only one who could care less if my email was "leaked". Sure, what they did is wrong but I think people blow things out of proportion a lot...
Rating: 4 Positives
37 months ago
I can not believe that companies like at&t can get hacked by some guy sitting in their bedroom and they're not the ones standing trial! It's far from okay and irresponsible on their part.
Rating: 3 Positives
37 months ago

Zero. Hacking doesn't exactly take a genius, and it shows lack of morals and in this case lack of good judgement. Getting caught makes it worse. Not exactly what recommends you to any employer.

And that is how hackers get bad reputation... Maybe people should google more about hacker vs cracker.
Rating: 3 Positives
37 months ago
Writing a script to guess some numbers and querying AT&T's website is in no way hacking anything.
Rating: 2 Positives
37 months ago
Releasing personal info was bad mojo. IF they are being giving time for that, maybe I can understand. For actually gathering the information and doing the "hack" I think at most they should get a small fine and community service hours.
Rating: 2 Positives

[ Read All Comments ]