We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

AT&T iPad hacker pleads guilty

Last year, he helped obtain 120,000 iPad users' e-mail addresses and other information

A 26-year-old man who last year helped hackers publish personal information belonging to about 120,000 iPad users pleaded guilty to fraud and hacking charges in a New Jersey court Thursday.

Daniel Spitler pleaded guilty in federal court to two felony charges, according to Rebekah Carmichael, a spokeswoman with the U.S. Department of Justice. He faces a maximum of 10 years in prison on the charges, but his plea agreement recommends a 12- to 18-month sentence.

He is one of two men charged in the June 2010 incident that embarrassed Apple and AT&T and brought the hacking group, Goatse Security, international attention. The other man, Andrew Auernheimer, is still in negotiations over a plea agreement, according to court records. Both men are facing charges in the U.S. District Court for the District of New Jersey.

At the time of the incident, Goatse hackers claimed that they were merely trying to make AT&T aware of a security issue on its website. They discovered that anyone could query the site and learn the e-mail addresses and unique ICC-ID (integrated circuit card identifier) numbers belonging to the iPad users.

According to reports and court filings, they wrote a script that guessed the ICC-ID numbers (used to identify the iPad's SIM card) and then queried AT&T's website until it returned an e-mail address. Spitler had been accused of co-authoring this software, called "iPad 3G Account Slurper."

The group uncovered e-mail addresses belonging to members of the military, politicians and business leaders including New York Mayor Michael Bloomberg and former White House Chief of Staff Rahm Emanuel.

The incident became a huge embarrassment for AT&T after Auernheimer and Spitler handed their findings over to a reporter at Gawker.com.

In interviews after the hack, Auernheimer said his group had notified AT&T about the issue. But online chat logs filed in court by the prosecution cast doubt on that claim. "[Y]ou DID call tech support right?" asked one hacker, named Nstyr, in a chat log excerpt obtained by prosecutors. "[T]otally but not really," Auernheimer replied. "[I] don't... care [I] hope they sue me."

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is [email protected]


IDG UK Sites

Samsung Galaxy Note 4 review: Great if you like big, expensive phones

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

This Grolsch ad combines stop-motion & CG for majestic results

IDG UK Sites

Apple rumours and predictions for 2015: What to expect from Apple in 2015