Judge ignores leniency plea, hands AT&T hacker a 41-month-sentence
It's the maximum sentence prosecutors had sought for Andrew Auernheimer
Computerworld - A federal judge today ignored convicted hacker Andrew Auernheimer's leniency plea in sentencing him to 41 months in prison for illegally accessing email addresses and other data belonging to more than 120,000 iPad subscribers from AT&T's networks.
U.S. District Judge Susan Wigenton of the District Court in New Jersey also sentenced Auernheimer to an additional three years of supervised release and ordered him to pay AT&T more than $73,000 in restitution for damages stemming from his actions.
The sentence is the maximum that federal prosecutors had sought against Auernheimer.
In a pre-sentencing memo filed with the court last week. Auernheimer's attorneys had argued their client only deserved months of non-custodial probation, at most, for his offenses. They had argued for leniency on the grounds that Auernheimer's actions were not motivated by fraud and did not cause any direct harm to AT&T's systems.
Monday's sentence shows that neither the jury nor the court bought that story, the U.S attorney's office said in a statement.
"Andrew Auernheimer knew he was breaking the law when he and his partner hacked into AT&T's servers and stole personal information from unsuspecting iPad users," U.S. Attorney Paul Fishman noted. "When it became clear that he was in trouble, he concocted the fiction that he was trying to make the Internet more secure, and that all he did was walk in through an unlocked door. The jury didn't buy it, and neither did the Court in imposing sentence upon him today."
Auernheimer made headlines in June 2010 when he and his partner, Daniel Spitler, used an automated script they called iPad 3G Account Slurper to extract email addresses and SIM card ID numbers of more than 100,000 iPad owners from AT&T's servers.
The data included email addresses belonging to New York Mayor Michael Bloomberg, New York Times CEO Janet Robinson, ABC's Diane Sawyer, movie producer Harvey Weinstein, former White House chief of staff Rahm Emmanuel and numerous others.
Auernheimer and Spitler handed the data to Gawker, which posted the information public. The duo claimed they carried out the exercise only to demonstrate how AT&T was leaking the data via its Web site.
But prosecutors claimed that the whole caper was a self-serving stunt by Auernheimer to promote himself and Goatse Security, a security group to which he belonged. AT&T said it had to spend more than $73,000 for breach notifications.
In court filings, prosecutors described Aurenheimer as someone who not only took credit for the breach but also openly boasted about it to the media and others. They noted that Goatse Security often portrayed itself as a group of self-described Internet trolls bent on disrupting services and content on the Internet.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts