* Data on 120,000 Apple iPad users stolen-prosecutors
* Defendant plans appeal-lawyer
By Jonathan Stempel
Nov 20 A federal jury convicted a New York man
on Tuesday of hacking into AT&T Inc servers and stealing
the email addresses and other personal data of about 120,000
Apple Inc iPad users, a U.S. attorney in New Jersey
Andrew Auernheimer, 27, was convicted by a Newark, New
Jersey, jury of one count of conspiracy to access the servers
without permission, as well as one count of identity theft, said
U.S. Attorney Paul Fishman.
The defendant faces a maximum five years in prison and
$250,000 fine on each count. A co-defendant, Daniel Spitler,
pleaded guilty to the same charges in June 2011 and is awaiting
Prosecutors said Auernheimer and Spitler were affiliated
with Goatse Security, a group of Internet "trolls" that tries to
disrupt online content and services.
According to the government, the men used an "account
slurper" that was designed to match email addresses with
"integrated circuit card identifiers" for iPad users, and which
conducted a "brute force" attack to extract data about those
users, who accessed the Internet through AT&T's network.
The authors of the slurper then provided stolen information
to the website Gawker, which published an article naming
well-known people whose emails had been compromised, including
ABC News anchor Diane Sawyer, New York Mayor Michael Bloomberg
and current Chicago Mayor Rahm Emanuel, prosecutors said.
Tor Ekeland, a lawyer for Auernheimer, said his client was
free on bail, and planned to appeal the verdict to the 3rd U.S.
Circuit Court of Appeals in Philadelphia.
"We disagree with the prosecutors' interpretation of what
constitutes unauthorized access to a computer under the Computer
Fraud and Abuse Act," Ekeland said in a phone interview. He
called the prosecutors' interpretation of that federal law
The trial lasted about one week, excluding a disruption
related to Hurricane Sandy, and jurors deliberated for a couple
of hours, Ekeland added.
AT&T has partnered with Apple in the United States to
provide wireless service on the iPad. After the hacking, it shut
off the feature that allowed email addresses to be obtained.
The case is U.S. v. Auernheimer, U.S. District Court,
District of New Jersey, No. 11-00470.