Hacker Pleads Guilty in AT&T iPad Breach
Daniel Spitler pleaded guilty Thursday to two felony charges related to the publishing of 120,000 AT&T customers' email addresses on Gawker.com. One other member of hacking group "Goatse Security", Andrew Auernheimer, was charged as well and is still in plea bargain negotiations. Spitler's plea agreement recommends a 12-18 month sentence.
According to reports and court filings, they wrote a script that guessed the ICC-ID numbers (used to identify the iPad's SIM card) and then queried AT&T's website until it returned an e-mail address. Spitler had been accused of co-authoring this software, called "iPad 3G Account Slurper."
The original breach occurred in June of last year. The hackers discovered a security hole on AT&T's website that allowed users to plug in a SIM card identifier called an ICC-ID, and receive back the email address connected to that SIM card.
More than 114,000 email addresses were disclosed including the personal email addresses of a number of high-profile political and business figures, though it appears no actual damage occurred beyond the exposure of the email addresses.
Related Stories
We've seen a lot of teasers about the Beats Studio Buds over the past month since they first showed up in Apple's beta software updates, and today they're finally official. The Beats Studio Buds are available to order today in red, white, and black ahead of a June 24 ship date, and they're priced at $149.99.
The Studio Buds are the first Beats-branded earbuds to truly compete with AirPods...
Apple is enhancing AirTags security to prevent stalking using the Bluetooth devices, Apple told CNET today. Apple is already sending out over-the-air updates to AirTags that will shorten the amount of time before an unknown AirTag alerts you if it is in your possession.
At the current time, AirTags play a sound after three days of being away from their owner. After the update, AirTags will...
Apple this week released iOS 12.4, the newest version of iOS 12 available for iPhones and iPads. One of the new features in iOS 12.4 is an updated data migration option that uses device to device transfers rather than relying on iCloud.
Apple didn't provide much information on the new data migration feature, so we thought we'd check it out in our latest YouTube video.
Subscribe to the ...
YouTube is planning to stop supporting its YouTube app on the third-generation Apple TV models, where YouTube has long been available as a channel option.
A 9to5Mac reader received a message about the upcoming app discontinuation, which is set to take place in March.Starting early March, the YouTube app will no longer be available on Apple TV (3rd generation). You can still watch YouTube on...
T-Mobile has issued a statement with further details about a cyberattack that the company confirmed earlier this week, confirming that the data breach included the personal information of almost 50 million current, former, and prospective customers.
Late last week, T-Mobile confirmed that a forum post that purported to offer data from more than 100 million people was the result of a company...
Apple's long-awaited AirTag was finally unveiled today, and as expected, the small circle-shaped accessories can be attached to items like wallets, keys, and more to allow them to be tracked in the Find My app.
As was rumored ahead of release, each AirTag is equipped with a U1 chip, and on devices that also have U1 chips, there's a Precision Finding feature.
U1 Ultra Wideband chips are...
Apple will release a new version of the MacBook Air around the middle of 2022, Apple analyst Ming-Chi Kuo said today in note to investors seen by MacRumors.
The upcoming MacBook Air will feature a 13.3-inch mini-LED display, which would make it the second Mac to gain mini-LED technology after the 2021 MacBook Pro, which is rumored to include a mini-LED display and is expected to launch later ...
Apple today announced that the original film "Finch," starring Tom Hanks in its titular role, will premiere on Apple TV+ on Friday, November 5 and shared a first-look image from the film.
The first look at "Finch," shared by Apple. The film, which is anticipated to be an awards season contender, revolves around a man, a robot (played by "Get Out" actor Caleb Landry Jones), and a dog that form ...
Another class-action complaint has been lodged against Apple, which claims that the company was aware of a MacBook Pro design flaw that caused some devices to have backlight display issues (via Apple Insider).
The so-called "flexgate" problem was present in some MacBook Pro models manufactured between 2016 and 2017. The problem appears as dark patches along the bottom of the MacBook Pro's...
Apple introduced the first MacBook Air, MacBook Pro, and Mac mini with M1 Apple Silicon chips yesterday, and as of today, the first benchmark of the new chip appears to be showing up on the Geekbench site.
The M1 chip, which belongs to a MacBook Air with 8GB RAM, features a single-core score of 1687 and a multi-core score of 7433. According to the benchmark, the M1 has a 3.2GHz base...
Daniel Spitler pleaded guilty Thursday to two felony charges related to the publishing of 120,000 AT&T customers' email addresses on Gawker.com. One other member of hacking group "Goatse Security", Andrew Auernheimer, was charged as well and is still in plea bargain negotiations. Spitler's plea agreement recommends a 12-18 month sentence.
Top Rated Comments
It's also easy to steal merchandise in a store, why would a store get punished when someone steals from them?
AT&T got more than a slap....bad PR is hard to recover from.
Hackers are criminals. They should realize that.
Zero. Hacking doesn't exactly take a genius, and it shows lack of morals and in this case lack of good judgement. Getting caught makes it worse. Not exactly what recommends you to any employer.
Look at it like this: If I did something bad that costs a customer lots of money, my company will say "well, we couldn't expect that; he came well recommended, had no complaints about him for years; no idea why he suddenly sold your customer data to a competitor; not our fault". If a convicted hacker did the same thing, my company would be in deep trouble, because any jury would say that the damage is their fault for hiring a known criminal.
"Hope you like prison food... and penis."
from the movie "The Other Guys"
Sorry it doesn't work that way. Bottom line is they caused financial damage to a business. If their intention was not malicious and they were "only doing public service" as you think, they would have contacted AT&T and told them there is a flaw in their system. Which they didn't. Instead they chose to get name and fame (infamy in their case) and published hundreds of SIM IDs and email addresses on the Internet.
Agreed publishing email addresses seems benign. But the news article says there were several high profile personalities among that list and I am sure it affects them more than an average person. It is basically an invasion of privacy and I am glad they went after them and made an example out of them. People need to know they can't do crap like this because they don't have a life and nothing better to do and expect to get away with it.
This is no different than you or me breaking into a local convenience store just because they didn't lock their door before leaving for the night and publishing this information out causing them damage. Hey technically you and I didn't steal anything from the store. We just broke in and announced publicly that they don't lock their door at night which in turn made other crooks steal from the store and cause them financial damage. So are we responsible in any way? Hell yes!
Exactly. That's the problem, the hacker does (arguably) a "good" thing by exposing a security hole. Instead of being a Good Samaritan and doing something to help society in general, they post the information for the attention. Now Email addresses aren't NEARLY the same thing as credit card numbers or something, but the gov. should (and did) make a very tough stand against this sort of Cybercrime.