Australian Hacker Avoids Jail After Posting Confidential Apple Employee Details on Twitter
An Australian man has been fined AU$5,000 and given an 18-month "recognizance," after he was found guilty of extracting employee details from Apple's servers and posting them on Twitter.
According to Bega District News, 24-year-old Abe Crannaford appeared in Eden Local Court on Wednesday for sentencing, after pleading guilty in February to two counts of unauthorized access or modification of restricted data.
In mid-2017 and early 2018, Crannaford extracted restricted information meant for employees only from the large US-based corporation.
The hacking culminated in January 2018 when Crannaford published employee details on his Twitter account and allegedly provided links to the corporation's firmware on GitHub.
The potential maximum sentence for the offences committed is two years' imprisonment and fines of $10,000 or more for each matter.
Magistrate Doug Dick fined him $5,000, however he did not impose a sentence on Crannaford, instead giving him an 18-month period of "recognizance," or good behavior, that if breached would result in an additional $5,000 penalty.
"It's pleasing to see you've made changes to you life and it's clear from the submissions that it has weighed heavily on your mind, which is punishment in itself.
"It may well be you're now subjected to online ridicule and contempt, but no-one in this court room escapes that - not even me," Magistrate Dick said.
"What you did strikes at the heart of modern society - people rightly worry about their privacy."
Ines Chiumento, Crannaford's defence solicitor, tried to argue that Apple "in some sense" promotes hacking, by awarding hackers through its bounty program for finding exploits and bugs.
"With that ability being treasured and sought out, it's difficult to send a message to young people (about the illegality and punitive measures) if the companies don't send the same message," said Chiumento.
The prosecutor acknowledged the existence of Apple's bounty program, but said Crannaford's "intrusions into websites and restricted data" occurred on multiple occasions and were shared with others, "so the concept of a bounty is contrary to his actions."