Hacker Pleads Guilty in AT&T iPad Breach
Daniel Spitler pleaded guilty Thursday to two felony charges related to the publishing of 120,000 AT&T customers' email addresses on Gawker.com. One other member of hacking group "Goatse Security", Andrew Auernheimer, was charged as well and is still in plea bargain negotiations. Spitler's plea agreement recommends a 12-18 month sentence.
According to reports and court filings, they wrote a script that guessed the ICC-ID numbers (used to identify the iPad's SIM card) and then queried AT&T's website until it returned an e-mail address. Spitler had been accused of co-authoring this software, called "iPad 3G Account Slurper."
The original breach occurred in June of last year. The hackers discovered a security hole on AT&T's website that allowed users to plug in a SIM card identifier called an ICC-ID, and receive back the email address connected to that SIM card.
More than 114,000 email addresses were disclosed including the personal email addresses of a number of high-profile political and business figures, though it appears no actual damage occurred beyond the exposure of the email addresses.
Popular Stories
Apple earlier this week announced the discontinuation of the iPod touch, and because it was the last iPod still available for purchase, its sunsetting effectively marks the end of the entire iPod lineup.
To send the iPod on its way, we thought it would be fun to take a look back at some of the most notable iPod releases over the last 21 years.
Original iPod (2001)
Introduced in October...
iOS 16 will include new ways of interacting with the system and some "fresh Apple apps," Bloomberg's Mark Gurman has said, offering some more detail on what Apple has in store for the upcoming release of iOS and iPadOS set to be announced in a few weeks at WWDC. In the latest edition of his Power On newsletter, Gurman wrote that while iOS 16 is not likely to introduce a major face-lift to...
YouTuber Unbox Therapy has shared a hands-on look at the iPhone 14 Pro Max using what he claims is a one-to-one replica created by third-party case makers with access to detailed schematics and dimensions for Apple's new upcoming flagship smartphone.
As with the iPhone 13 Pro lineup, in 2022, we are expecting a 6.1-inch iPhone 14 Pro and a 6.7-inch iPhone 14 Pro Max, but this time the Pro...
Apple today released iOS 15.5 and iPadOS 15.5, the fifth major updates to the iOS and iPadOS 15 operating systems that were initially released in September 2021. iOS and iPadOS 15.5 come a little over two months after the launch of iOS 15.4 and iPadOS 15.4.
The iOS 15.5 and iPadOS 15.5 updates can be downloaded for free and the software is available on all eligible devices over-the-air in...
It's been over 200 days since Apple debuted its redesigned MacBook Pro lineup. Offered in 14-inch and 16-inch display sizes, the new-look MacBooks wowed Apple fans and creative pros alike with their powerful custom Apple silicon, mini-LED screen, and multiple connectivity options. But there are still some things you can't do with a MacBook Pro. Here are five features some Mac users are still...
Apple has launched a special limited-time offer for iPhone, Apple Watch, Mac, and iPad trade-in that offers customers additional credit when trading in their only device for a new one.
The offer is being run in several countries including the US, UK, Germany, Spain, Italy, South Korea, Japan, Taiwan, China, India, and France. In the UK, Apple is offering up to £50 of extra trade-in credit...
Earlier this week, well-known Apple analyst Ming-Chi Kuo claimed that Apple plans to release at least one iPhone 15 model with a USB-C port in 2023. Now, in a follow-up tweet, he has claimed that accessories like AirPods, the MagSafe Battery Pack, and the Magic Keyboard/Mouse/Trackpad trio would also switch to USB-C in the "foreseeable future."
Both the iPhone and all of the aforementioned...
Top Rated Comments
It's also easy to steal merchandise in a store, why would a store get punished when someone steals from them?
AT&T got more than a slap....bad PR is hard to recover from.
Hackers are criminals. They should realize that.
Zero. Hacking doesn't exactly take a genius, and it shows lack of morals and in this case lack of good judgement. Getting caught makes it worse. Not exactly what recommends you to any employer.
Look at it like this: If I did something bad that costs a customer lots of money, my company will say "well, we couldn't expect that; he came well recommended, had no complaints about him for years; no idea why he suddenly sold your customer data to a competitor; not our fault". If a convicted hacker did the same thing, my company would be in deep trouble, because any jury would say that the damage is their fault for hiring a known criminal.
"Hope you like prison food... and penis."
from the movie "The Other Guys"
Sorry it doesn't work that way. Bottom line is they caused financial damage to a business. If their intention was not malicious and they were "only doing public service" as you think, they would have contacted AT&T and told them there is a flaw in their system. Which they didn't. Instead they chose to get name and fame (infamy in their case) and published hundreds of SIM IDs and email addresses on the Internet.
Agreed publishing email addresses seems benign. But the news article says there were several high profile personalities among that list and I am sure it affects them more than an average person. It is basically an invasion of privacy and I am glad they went after them and made an example out of them. People need to know they can't do crap like this because they don't have a life and nothing better to do and expect to get away with it.
This is no different than you or me breaking into a local convenience store just because they didn't lock their door before leaving for the night and publishing this information out causing them damage. Hey technically you and I didn't steal anything from the store. We just broke in and announced publicly that they don't lock their door at night which in turn made other crooks steal from the store and cause them financial damage. So are we responsible in any way? Hell yes!
Exactly. That's the problem, the hacker does (arguably) a "good" thing by exposing a security hole. Instead of being a Good Samaritan and doing something to help society in general, they post the information for the attention. Now Email addresses aren't NEARLY the same thing as credit card numbers or something, but the gov. should (and did) make a very tough stand against this sort of Cybercrime.