Hacker found guilty of massive AT&T-iPad site breach
Jury convicts Andrew Auernheimer of unauthorized access and identity theft in connection with the theft of data belonging to more than 100,000 iPad users on the carrier's 3G network.
A hacker has been found guilty of breaking into an AT&T Web site and stealing data of more than 100,000 iPad users.
Andrew Auernheimer, 26, was convicted Tuesday in federal court in New Jersey of one count of conspiracy to gain unauthorized access to computers and one count of identity theft. The jury reached its verdict within hours of beginning deliberations, according to Wired.
After the verdict was announced, Auernheimer tweeted that the outcome had been expected and that an appeal was planned.
Hey epals don't worry! We went in knowing there would be a guilty here. I'm appealing of course.
— Andrew Auernheimer (@rabite) November 20, 2012
Auernheimer and co-defendant Daniel Spitler were arrested and charged in January 2011 after discovering a hole in 2010 in AT&T's Web site that allowed access to iPad users' e-mail addresses and unique identifiers used to authenticate the devices to AT&T's 3G wireless network.
Spitler wrote a script called the "iPad 3G Account Slurper" and used it against AT&T servers in 2010 to harvest e-mail addresses and associated unique iPad numbers, and plotted with Auernheimer on how to take advantage of the security hole, according to the U.S. Department of Justice office in Newark, N.J. Spitler pleaded guilty to the charges in June 2011.
In an interview with CNET in 2010, Auernheimer admitted that the hackers had compromised the AT&T 3G iPad customer Web site and released data on 120,000 accounts but said they did so with the intention of warning AT&T and protecting consumers.
Auernheimer faces up to 10 years in prison and $500,000 in fines.