Goatse hacker pleads guilty to stealing iPad user data

by Graham Cluley on June 25, 2011 | 2 Comments

Filed Under: Apple, Data loss, iOS, Privacy, Vulnerability

Hacker typingDaniel Spitler, an alleged member of the Goatse Security hacking group, has pleaded guilty to breaking into AT&T's systems and obtaining the email addresses of iPad users.

The story of how a vulnerability on AT&T's website allowed outsiders to scoop up the email addresses of early adopters of the Apple iPad made huge news headlines this time last year.

Goatse (don't Google it, trust me..) bombarded the AT&T website service with thousands of requests using made-up ICC-ID codes (an internal code used to associate a SIM card with a particular subscriber).

By flooding the website with so many made-up ICC-IDC codes, some were bound to relect a genuine one, and when this happened the website believed them to be a genuine iPad user and revealed the associated email address.

Email addresses. Image source: Gawker

In total, about 120,000 iPad users were said to have had their email addresses exposed. The court in Newark, New Jersey heard that victims of the hack included New York Mayor Michael Bloomberg, ABC News anchor Diane Sawyer and Rahm Emanuel, who was the White House chief of staff at the time.

26-year old Spitler, who hails from San Francisco, is scheduled to be sentenced on September 28th, and could face a maximum penalty of five years in prison and a $250,000 fine.

In all honesty, although taking the information was clearly against the law, the hack probably received so much media attention at the time purely because it was iPad-related rather than because of the data that was taken.

That's not to say that you want your email address exposed (it could potentially have become a victim of phishing attacks, for instance, targeting iPad owners) but there is presumably much more damaging information that could have been taken.

Another man, 25-year-old Andrew Auernheimer, has pleaded not guilty to the hacking charges and continues to faces prosecution.

Tags: , , , , ,

2 Responses to Goatse hacker pleads guilty to stealing iPad user data

  1. James says:
    June 25, 2011 at 3:32 pm

    Let me guess, their parents thought they were playing computer games for 18 years. And did they still live at home when arrested?

    Anyway it should be obvious by now that maximum penalties for these kids is probably the only cure at this point.

    Reply Report comment
  2. Mac User says:
    July 8, 2011 at 9:58 pm

    Why shouldn't it be googled? I want to now!

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.