A hacker accused with federal crimes for obtaining the personal data of more than 100,000 iPad owners from AT&T’s website was ruled guilty on Tuesday. Andrew Auernheimer, 26, of Fayetteville, Arkansas, was found guilty in federal court in New Jersey of one count of identity fraud and one count of conspiracy to access a computer without authority.
The two contacted the Gawker website to report the hole, a practice often adopted by security researchers to address the security holes that impact the public, and provided the site with harvested information as proof of the vulnerability.
Gawker reported at the time that the vulnerability was discovered by a group calling itself Goatse Security.
“AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders,” he wrote, according to prosecutors. ”I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted, and your teachers for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure.”