September 14, 2005 2:19 PM PDT

Hilton hacker sentenced to juvenile hall

A Massachusetts teen who admitted to accessing T-Mobile USA's internal systems and posting data from Paris Hilton's cell phone on the Web will serve 11 months in a juvenile facility.

The teenager pleaded guilty last week to a series of hacking incidents, the theft of personal information and making bomb threats to high schools in Florida and Massachusetts, according to a statement from the U.S. attorney for the district of Massachusetts.

All crimes took place over a 15-month period, beginning in March 2004. Victims suffered a total of about $1 million in damages, according to the statement.

One of the crimes involves gaining unauthorized access to internal T-Mobile USA systems in January this year, a representative of the wireless carrier, a subsidiary of T-Mobile, said Wednesday.

The perpetrator's name is not being disclosed because he is a juvenile.

The young man was sentenced to 11 months of detention in a juvenile facility, to be followed by two years of supervised release. During the entire period, he is barred from owning or using a PC, cell phone or any other device that can access the Internet, according to the statement. (In the most famous example of a convicted hacker being kept away from computer technology, Kevin Mitnick spent the better part of a decade offline.)

Investigations into possible accomplices of the teenager are ongoing, the statement said.

Having gained access to T-Mobile USA's systems, the teen found information Paris Hilton stored on her Sidekick, a mobile device that lets users make calls, surf the Web, take pictures, and send e-mail and instant messages.

The unnamed teen subsequently published the information, which included racy pictures and phone numbers of Hilton's celebrity contacts, on the Web. The numbers included those of rapper Eminem, actor Vin Diesel, singers Christina Aguilera and Ashlee Simpson, and tennis players Andy Roddick and Anna Kournikova.

Hilton could not be reached for comment on the case because she was traveling in a country where her cell phone does not work, her publicist Robert Zimmerman said Wednesday.

Besides nabbing the personal information of socialite-turned-reality show celebrity Hilton, the teenager used the T-Mobile access to create telephone accounts for himself and friends without paying for them, the T-Mobile representative said.

"We're pleased that he has been brought to justice," T-Mobile spokesman Peter Dobrow said. "We dedicated significant resources to help bring this criminal to justice." The carrier has made changes to ensure that such breaches don't happen again, he said.

In addition to the T-Mobile incident and making bomb threats at high schools, the teen admitted to hacking into the network of a major Internet service provider, a data broker and a second major telephone provider, according to the U.S. attorney statement.

In the case of the ISP, the teen was able in August 2004 to access computers on the company's internal network and obtain proprietary information by installing a rogue program on an employee's computer, according to the statement. The ISP was America Online, a source familiar with the matter said Wednesday.

In January, the minor gained access to the systems of a data broker, which he used to look up information on individuals, according to the U.S. Attorney's statement. The data broker is LexisNexis, WashingtonPost.com reported. LexisNexis earlier this year said an intrusion into its databases may have compromised personal information of about 310,000 Americans.

In June, a second phone company became a victim to the juvenile's attack, according to the U.S. Attorney's statement. A phone that had been activated fraudulently was disabled, and the teen retaliated with a denial-of-service attack on the company's Web site when it refused to reactivate the phone.

"Computer hacking is not fun and games. Hackers cause real harm to real victims," U.S Attorney Michael Sullivan said in the statement. "Would-be hackers...should be put on notice that such criminal activity will not be tolerated."

See more CNET content tagged:
T-Mobile, LexisNexis, teen, hacking, Massachusetts

7 comments

Join the conversation!
Add your comment
Equal Under The Law!
Seems like you need to be a celebrity to get justice. Just check out
the poor sap that had his <A href="#">phone</a> stolen.

Either enforce the law equally, or not at all.
Posted by rbannon (96 comments )
Reply Link Flag
Harsh
1 year for a teenager! Thats really harsh. If this kid had hacked his principals sidekick, he would have gotten a month, maybe weeks in jail.

Bomb threats? ***?
Posted by wazzledoozle (288 comments )
Reply Link Flag
Not harsh enough
The kid committed the electronic equivalent of breaking and entering. He knew what he was doing was wrong, and he did it anyway. He got off lightly with less than a year in juvie.
Posted by Get_Bent (534 comments )
Link Flag
Harsh????
No way, I was thinking that he got off light. Definitely should've gotten more time than that, but I guess that's what happens when people get tried as a juvenile &#38; not as an adult.
Posted by M A (51 comments )
Link Flag
He didn't hack it
He didn't "hack" her phone, he guess the password - the name of her dog.
Posted by aabcdefghij987654321 (1721 comments )
Link Flag
Hire the guy for security analyst
Why arrest him? He found a security hole in your network. A Wireless phone company thats a multinational company and this teenager was able to hack into your network. The punishment does not fit the crime. T-mobile or some security company should hire the guy. If anything fire you existing security analyst for overlooking this hole in your so called secured network.

Just a thought, instead of punishing him by saying not to use a computer, have him educate you guys on "The mind of a hacker".

I just laugh at all these stupid laws. This is another injustice.

Yes he posted her info on the web but who as a teenager has not done anything that was simple a teenage action. Come on, he's growing up, don't arrest him and imply those terms on him.

He should be hired by some Security company for finding that hole in a multinational wireless providers network. If anything, I will cancle my T-mobile service to protest this action.

See you t-mobile, hello metropcs. www.metropcs.com


Salam,
Nael Mohammad
Posted by Nael (112 comments )
Reply Link Flag
Exactly
In general, IT security is a nightmare. If telecom billing and customer service systems are any indication then nightmare might be an understatement for that industry. Any help that we as a society can get, we should take. This kid obviously has a talent, so let's use it. I'd rather see his abilities utilized in a controled environment than wasted because we are too incompetent to know how to deal with him.
Posted by sphereframe (4 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.