Skip to main content
  1. Home
  2. Computing
  3. News

Two charged in iPad hacking case

Aemon Malone
By

U.S. prosecutors have charged two people with stealing e-mail addresses and other personal data from around 120,000 iPad 3G users. The alleged hack occurred last June and targeted a security weakness in AT&T’s servers.

Daniel Spitler and Andrew Auernheimer (pictured) have each been charged with one count of fraud and one count of conspiracy to access a computer without authorization. Both of the accused were associated with the hacker group-cum-trolling community Goatse Security. Goatse Security delivered the stolen e-mails to the website Gawker, which published details about the breach, along with redacted e-mail addresses.

Recommended Videos

The stolen information came from tens of thousands of everyday iPad users. But also information from some big names includes former-White House Chief of Staff Rahm Emmanuel, New York City Mayor Michael Bloomberg, and ABC News anchor Diane Sawyer.

Related

The duo accomplished the hack by taking advantage of a loophole in AT&T’s servers that would return e-mail addresses associated with ID numbers that link the iPad’s 3G SIM cards to individual subscribers. Goatse published details of the hack after AT&T had closed its security loophole.

In blog postings on Goatse’s website, the group has claimed that the hacking was carried out to publicly demonstrate a flaw in AT&T’s security. “AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers over the rights of shareholders,” Auernheimer wrote in an open letter addressed to U.S. attorney Lee Vartan.

The Department of Justice doesn’t quite buy the “hacking for the public good” story. Spitler is expected to appear in a Newark, New Jersey federal court on Tuesday. And Auernheimer is expected to appear in a federal court in Fayetteville, Arkansas.

Editors' Recommendations

Topics
Aemon Malone
Aemon Malone
Former Digital Trends Contributor
Own an iPhone, iPad, or MacBook? Install this critical update right now
IOS 16.4.1 UPDATE.

Apple has released software updates for iPhones and iPads that are light on features, but they are critically important from a security perspective. The updates — iOS 16.4.1 and iPadOS 16.4.1 — started rolling out on Friday, but you should install them on your iPhone and iPad as soon as possible to protect your devices from attacks.

In its official release note, Apple says the updates patch two security flaws that “may have been actively exploited.” Now, Apple doesn’t disclose security issues before conducting thorough research, both in-house and in collaboration with cybersecurity experts. In a nutshell, when Apple publicly announces a security flaw, and it comes with a “Critical Vulnerability” badge, you should grab the fix as soon as Apple makes them available.

Read more
How to screen record on an iPhone or iPad
iPhone X tips and tricks

Do your parents or friends constantly call you, asking how to do something on their iPhone? Or maybe you want to record a sweet Fortnite win that people just have to see? Since iOS 11, Apple introduced a native option to record the screen on iPhone, iPad, and iPod.

What once required a third-party app is now a stunningly simple process. For anyone who just needs basic functionality to record their screen, Apple’s built-in feature should suffice. Just a few taps, and you can share any video through any of your channels.

Read more
LastPass reveals how it got hacked — and it’s not good news
A depiction of a hacker breaking into a system via the use of code.

Last year was a particularly bad one for password manager LastPass, as a series of hacking incidents revealed some serious weaknesses in its supposedly rock-solid security. Now, we know exactly how those attacks went down -- and the facts are pretty breathtaking.

It all began in August 2022, when LastPass revealed that a threat actor had stolen the app’s source code. In a second, subsequent attack, the hacker combined this data with information found in a separate data breach, then exploited a weakness in a remote-access app used by LastPass employees. That allowed them to install a keylogger onto the computer of a senior engineer at the company.

Read more