We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,785 News Articles

Judge gives second AT&T iPad hacker more time to make deal

Follows in footsteps of co-defendant, who pleaded guilty last month in return for recommended 12-to-18-month sentence

A federal judge has put the case against a man charged with hacking AT&T's website last year on hold to allow plea negotiations to continue, court documents show.

On Wednesday, U.S. District Court Jude Susan Wigenton suspended the case against Andrew Auernheimer, who faces a maximum of 10 years in prison if convicted of two felony charges, conspiracy to access a computer without authorization, and fraud in connection with personal information.

"Plea negotiations are currently in progress and both the United States and the defendant desire additional time to finalize a plea agreement, which would render trial of this matter unnecessary," Wigenton wrote in her order, made public Thursday on the U.S. Department of Justice's case database.

Auernheimer and his court-appointed federal public defender have been negotiating a plea agreement for at least the last month.

Auernheimer, who goes by the online nickname of "weev," was a member of Goatse, a loose collection of hackers, authorities have alleged. Along with co-defendant Daniel Spitler, he is accused of stealing approximately 120,000 names and email addresses of iPad 3G owners from AT&T servers in June 2010 using an automated scripting tool .

Among the email addresses eventually made public -- Auernheimer gave information obtained from AT&T to the Gawker website -- were those belonging to New York Mayor Michael Bloomberg, former White House chief-of-staff Rahm Emanuel, and top executives at Dow Jones, The New York Times Co. and Time Warner.

At the time, Auernheimer argued that the hack was "ethical" and "in the public interest" because it revealed a flaw in AT&T's website.

Later he accused AT&T of dishonesty when it downplayed the damage to affected customers.

Auernheimer argued that other hackers armed with an iPad exploit could have used the email addresses in a targeted attack.

"A complete list of iPad 3G customers, which could have been generated from this vulnerability [Goatse uncovered], would have the ideal bit of data for those...with zero-day Safari exploits," Auernheimer claimed in a June 2010 post to the Goatse blog.

But according to the federal indictment against Auernheimer, he and Spitler had discussed exploiting their hack. "This could be like, a future massive phishing operation serious like this is valuable data," Auernheimer allegedly told Spitler in an IRC chat that authorities included in the indictment.

"Well I will say this it would be against the law ... for ME to short the att stock but if you want to do it go nuts," Auernheimer said to Spitler in another chat fragment. "If you short ATT dont let me know about it."

Spitler pleaded guilty last month to similar charges. His plea agreement recommended a 12-to-18-month sentence.

Auernheimer's attorney did not reply to a request for comment.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer , on Google+ or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com .

See more articles by Gregg Keizer .

Read more about drm and legal issues in Computerworld's DRM and Legal Issues Topic Center.


IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

2014 Mac mini release date, specs, rumours: When's the new Mac mini coming out?

IDG UK Sites

Long live the internet fridge: the Internet of Things is coming

IDG UK Sites

How Prometheus' colourist Juan Ignacio Cabrera gave a tense, edgy feel to Chosen