(Adds conspiracy crimes in second paragraph.)
June 23 (Bloomberg) -- A California man pleaded guilty to hacking into AT&T Inc.’s computer servers to steal e-mail addresses and personal data about Apple Inc. iPad users, federal prosecutors in New Jersey said.
Daniel Spitler, 26, of San Francisco pleaded guilty today to conspiracy to gain unauthorized access to computers and to identity theft, U.S. Attorney Paul Fishman in New Jersey said in a press release. Spitler and Andrew Auernheimer of Fayetteville, Arkansas, were charged in January with breaches that occurred last year. Charges are pending against Auernheimer.
Prosecutors in Newark, New Jersey, said in January that both men were associated with Goatse Security, “a loose association” of hackers and so-called trolls, or people who disrupt Internet service.
The data breach and theft were “for the express purpose of causing monetary and reputational damage to AT&T and monetary and reputational benefits” for Spitler and Auernheimer, according to a Federal Bureau of Investigation complaint.
Susan Cassell, Spitler’s lawyer, didn’t immediately return a call.
AT&T offered Internet connections to iPad users over its 3G wireless network, according to the complaint. Users had to register with AT&T, which required them to provide an e-mail address. AT&T linked the address to a 19- or 20-digit code known as an integrated circuit card identifier, or ICC-ID.
Hackers wrote a script known as the “iPad 3G Account Slurper” to attack AT&T’s website and “harvest as many ICC- ID/e-mail address pairings as possible,” according to the complaint.
The case is U.S. v. Spitler, 11-mj-4022, U.S. District Court, District of New Jersey (Newark).
--Editors: Stephen Farr, Charles Carter
To contact the reporters on this story: David Glovin in New York at firstname.lastname@example.org; David Voreacos in Newark, New Jersey, at email@example.com.
To contact the editor responsible for this story: Michael Hytha at firstname.lastname@example.org.