The Hacker News Logo
Subscribe to Newsletter

AT&T Hacker Andrew Auernheimer sentenced to 3.5 Years in prison

Self-described troll and Grey hat AT&T Hacker Andrew "Weev" Auernheimer, 26, has been sentenced to 41 months in prison for exploiting an AT&T security hole three years ago, and releasing thousands of iPad owners email addresses. According to authorities, they obtained the ICC-ID and e-mail address for about 120,000 iPad users.

Each charge carried with it a potential prison terms of five years. He will serve 41 months in a federal prison, with concurrent probation for three years. He also owes restitution to the U.S. Treasury to be dispersed to AT&T in the amount of $73,000.

In 2010, Auernheimer and Daniel Spitler, discovered that visiting an unsecured AT&T Web server and entering a number associated with the customer's wireless account allowed him to obtain that customer's email address.

Computer security researcher Charlie Miller tweeted "We could all go to jail for security research at any moment, and a jury would happily convict us."

Auernheimer compared his prosecution to that of Aaron Swartz. In January, Internet activist Aaron Swartz committed suicide while facing trial for allegedly stealing millions of scholarly journal articles from the digital archive JSTOR using MIT's network. Swartz faced a potential sentenced of more than 30 years in prison.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.