Judge ignores leniency plea, hands AT&T hacker a 41-month-sentence
It's the maximum sentence prosecutors had sought for Andrew Auernheimer
Computerworld - A federal judge today ignored convicted hacker Andrew Auernheimer's leniency plea in sentencing him to 41 months in prison for illegally accessing email addresses and other data belonging to more than 120,000 iPad subscribers from AT&T's networks.
U.S. District Judge Susan Wigenton of the District Court in New Jersey also sentenced Auernheimer to an additional three years of supervised release and ordered him to pay AT&T more than $73,000 in restitution for damages stemming from his actions.
The sentence is the maximum that federal prosecutors had sought against Auernheimer.
In a pre-sentencing memo filed with the court last week. Auernheimer's attorneys had argued their client only deserved months of non-custodial probation, at most, for his offenses. They had argued for leniency on the grounds that Auernheimer's actions were not motivated by fraud and did not cause any direct harm to AT&T's systems.
Monday's sentence shows that neither the jury nor the court bought that story, the U.S attorney's office said in a statement.
"Andrew Auernheimer knew he was breaking the law when he and his partner hacked into AT&T's servers and stole personal information from unsuspecting iPad users," U.S. Attorney Paul Fishman noted. "When it became clear that he was in trouble, he concocted the fiction that he was trying to make the Internet more secure, and that all he did was walk in through an unlocked door. The jury didn't buy it, and neither did the Court in imposing sentence upon him today."
Auernheimer made headlines in June 2010 when he and his partner, Daniel Spitler, used an automated script they called iPad 3G Account Slurper to extract email addresses and SIM card ID numbers of more than 100,000 iPad owners from AT&T's servers.
The data included email addresses belonging to New York Mayor Michael Bloomberg, New York Times CEO Janet Robinson, ABC's Diane Sawyer, movie producer Harvey Weinstein, former White House chief of staff Rahm Emmanuel and numerous others.
Auernheimer and Spitler handed the data to Gawker, which posted the information public. The duo claimed they carried out the exercise only to demonstrate how AT&T was leaking the data via its Web site.
But prosecutors claimed that the whole caper was a self-serving stunt by Auernheimer to promote himself and Goatse Security, a security group to which he belonged. AT&T said it had to spend more than $73,000 for breach notifications.
In court filings, prosecutors described Aurenheimer as someone who not only took credit for the breach but also openly boasted about it to the media and others. They noted that Goatse Security often portrayed itself as a group of self-described Internet trolls bent on disrupting services and content on the Internet.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!