US hacker gets 41 months prison for AT&T email extraction
Andrew Auernheimer, also known as weev, has been sentenced in a US court to 41 months in prison and three years' supervision. In August 2012 he was convicted of accessing the email addresses of 120,000 iPad users through an AT&T site, amounting to one count of identity fraud and one of conspiracy. Auernheimer was potentially facing five years of prison for each charge.
The site in question had been created to simplify logging in to an AT&T service with the 3G-enabled iPad by allowing it to look up a connecting device and match it to an email address. Auernheimer and his accomplice Daniel Spitler created an automated script to extract all the email addresses. Spitler accepted a plea bargain taking 12 to 18 months prison time in exchange for information about his and Auernheimer's activities and unexecuted plans to exploit the information for various nefarious purposes. The data was eventually handed over to the Gawker news web site with the aim of publicly embarrassing AT&T.
Auernheimer and Spitler also have to pay AT&T, via the US Treasury, $73,000 restitution. Auernheimer has ten days to appeal the sentence.