Two charged over iPad hacking on AT&T network

Powered by SC Magazine

Brute force attack on carrier's servers.

US prosecutors have charged two people with stealing email addresses and other data of about 120,000 users of Apple's iPad after finding a security weakness in AT&T servers.

Prosecutors said the criminal charges arise from a "brute force" hacking over several days last June that affected iPad users who accessed the Internet through AT&T's 3G network.

Among the possible victims were celebrities, businesses executives and government officials like New York City Mayor Michael Bloomberg, ABC News anchor Diane Sawyer, movie mogul Harvey Weinstein and perhaps then-White House Chief of Staff Rahm Emanuel, prosecutors said.

Daniel Spitler and Andrew Auernheimer, the defendants, were each charged with one count of fraud and one count of conspiracy to access a computer without authorisation.

Prosecutors said both defendants were associated with Goatse Security, a group of "self-professed Internet 'trolls'" who try to disrupt online content and services, and which last June revealed the hacking.

They said Auernheimer has bragged in published interviews about his trolling activities.

Lawyers for the defendants could not immediately be located. Apple spokeswoman Trudy Muller and AT&T spokesman Mark Siegel declined to comment.

Responding to an email request for comment to Goatse, Sam Hocevar, a member of Goatse's "team" according to the group's website, confirmed the charges relate to the June hacking. He said he did not have additional information.

Apple launched the iPad last April, and industry analysts on average expect the company to have sold 5.5 million of the tablet computers in its fiscal first quarter, which includes the holiday shopping season.


According to the complaint, the defendants used an "account slurper" to conduct a "brute force attack" on AT&T servers, randomly guessing at user data until it could match names with emails.

Spitler and Auernheimer then supplied the stolen data to the gossip website Gawker, which published some of the detail, prosecutors said.

AT&T was Apple's partner in the United States to provide wireless service on the iPad. After the hacking, it shut off the feature that allowed email addresses to be obtained.

Spitler is expected to appear later Tuesday in federal court in Newark, New Jersey. Auernheimer is expected to appear in a Fayetteville, Arkansas federal court.

The case is U.S. v. Spitler et al, U.S. District Court, District of New Jersey, No. 11-mag-04022.

(Reporting by Jonathan Stempel in New York; Additional reporting by Sinead Carew, editing by Dave Zimmerman and Derek Caney)

Two charged over iPad hacking on AT&T network
Top Stories
Westpac committed to core banking plan
[Blog post] Now with leadership.
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
Sign up to receive iTnews email bulletins
Latest Comments
What is delaying adoption of public cloud in your organisation?

   |   View results
Lock-in concerns
Application integration concerns
Security and compliance concerns
Unreliable network infrastructure
Data sovereignty concerns
Lack of stakeholder support
Protecting on-premise IT jobs
Difficulty transitioning CapEx budget into OpEx