Andrew Auernheimer, better known by his pseudonym “weev,” was sentenced today to 41 months in prison for exploiting an AT&T security flaw that allowed him to collect and publish the email addresses of 114,000 AT&T iPad owners. He alerted AT&T to the flaw before sending the dataset to Gawker, which published it, leading to an FBI investigation.
Mr. Auernheimer is part of the grey hat hacker collective Goatse Security, a division of the Gay Nigger Association of America, recently responsible for trolling the Daily Mail and unleashing a torrent of malicious spam on Tumblr. Back in November, Mr. Auernheimer was found guilty of “one count of identity fraud and one count of conspiracy to access a computer without authorization” for his participation in Goatse Security’s AT&T hack.
The case is a controversial one, as Goatse Security didn’t technically have to hack anything to obtain the information–they simply were exploiting a security flaw with AT&T. Still, Mr. Auernheimer must serve approximately 3.5 years in jail with three years of supervised release and a $73,000 fine to be paid to AT&T for damages (because AT&T is the real victim here).
Mr. Auernheimer’s legal defense team attempted to argue that he did not deserve hard time, and instead just six months probation for the offense, but that plea failed.
According to Gawker’s Adrian Chen, prosecutors cited a Reddit AMA Mr. Auernheimer did last night as proof that he would reoffend following his release. In the AMA, Mr. Auernheimer stated that he would run for Congress once released, and because of “congressional immunity” this would allow him to “drop hacks on the floor of Congress and be completely immune for doing so.”
For his part, Mr. Aeurnheimer seemed to show little remorse towards AT&T. “My regret is being nice enough to give AT&T a chance to patch before dropping the dataset to Gawker,” he wrote. “I won’t nearly be as nice next time.”