AT&T iPad hacker plans to appeal felony conviction
Andrew Auernheimer found a problem in AT&T's servers that linked iPad users' email addresses with SIM card serial numbers
IDG News Service - A man who exposed a major privacy weakness that divulged email addresses of iPad users on AT&T's network plans to appeal his conviction on two felony charges.
Andrew Auernheimer, also known as "weev," used an automated scripting tool called the "iPad 3G Account Slurper" to pull the names and email addresses of 120,000 iPad 3G owners from AT&T's servers in June 2010. The company had linked the Integrated Circuit Card ID (ICC-ID), a serial number on the SIM card of an iPad with cellular connectivity, with the user's email address.
The U.S. District Court in New Jersey convicted Auernheimer on Tuesday of conspiracy to access a computer without authorization and fraud in connection with personal information. He could face up to 10 years in prison. Efforts to reach Auernheimer were not immediately successful.
Auernheimer wrote on Twitter that the verdict was expected. "I'm appealing of course," he wrote.
Auernheimer maintained he was helping AT&T with its security, but the company claimed nobody from Auernheimer's hacking group, known as Goatse Security, contacted it about the problem.
The email addresses, which included those belonging to New York Mayor Michael Bloomberg, former White House Chief of Staff Rahm Emanuel and top executives at Dow Jones, The New York Times Co. and Time Warner, were passed on to the online news site Gawker.
A co-defendant, Daniel Spitler, pleaded guilty to similar charges in June 2011.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!