Hacker Who Stole 114K Emails From AT&T iPad Owners Appeals Conviction

Andrew “Weev” Auernheimer

Andrew “Weev” Auernheimer, one of the hackers responsible for exploiting a security flaw in AT&T’s website to steal over 110,000 email addresses from iPad subscribers, has appealed the 41-month sentence that was handed to him back in March.

Auernheimer still maintains he did not violate any laws when he accessed AT&T’s servers, and notes that all of the information he obtained was already available to the public on the Internet.

The appeal reads:

The appeal contends that Auernheimer did not violate law by accessing AT&T servers. The company had linked the Integrated Circuit Card ID (ICC-ID), a serial number on the SIM card of an iPad with mobile connectivity, with the user’s email address.

When a user visited AT&T’s website, the email field would automatically be populated based on the ICC-ID, which was apparently intended to help users save time when logging in.

But Auernheimer’s friend, Daniel Spitler, discovered that changing the ICC-IDs by a single digit would return a new user’s email address. Then the two men developed an application called the “iPad 3G Account Slurper” to pull the names and email addresses en masse.

Since the data was freely available on the internet, Auernheimer’s actions did not constitute theft, the appeal contends.

Auernheimer was found guilty back in November, and he was handed his conviction earlier this year. His friend, Daniel Spitler, who was responsible for the software behind the hack, pleaded guilty in June 2012 and received a 12-18 month sentence.

Between them, Auernheimer and Spitler obtained over 114,000 email addresses from AT&T, including those of many high-profile subscribers, including Chicago Mayor Rahm Emmanuel. The pair exacerbated the whole affair when they passed on the email addresses so that they could be published on the Internet.

Related
  • Robert X

    Guilty! But good luck with that. You will need it.

  • philbert81

    Look, it’s Guias Baltar.

  • hypnotoad

    If all the information was available on Internet, why did he feel the need to access it the way he did? Not much of a defence.

  • lowtolerance

    What a fucking jackass. This guy blew any chance in hell of not being convicted the first time around by behaving like a complete dick during his trial, including threatening to attack AT&T again “the next time” on reddit the night before his sentencing.

About the author

Killian BellKillian Bell is a staff writer based in the U.K. He has an interest in all things tech and also covers Android over at CultofAndroid.com. You can follow him on Twitter via @killianbell.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News, Top stories | Tagged: , , , , , , , , |