Earlier this week, Daniel Spitler pleaded guilty to one count of conspiracy to gain unauthorized access to computers connected to the Internet and one count of identity theft.
At sentencing, the hacker is facing up to 10 years in prison and $500,000 in fines but will likely see fractions of those maximums.
Adds U.S. Attorney Paul J. Fishman in a statement:
Computer hackers are exacting an increasing toll on our society, damaging individuals and organizations to gain notoriety for themselves. Hacks have serious implications – from the personal devastation of a stolen identity to danger to our national security. In the wake of other recent hacking attacks by loose-knit organizations like Anonymous and LulzSec, Daniel Spitler's guilty plea is a timely reminder of the consequences of treating criminal activity as a competitive sport.
A few of the most notable emails breached were New York Times Co. CEO Janet Robinson, Diane Sawyer of ABC News, film mogul Harvey Weinstein, NYC Mayor Michael Bloomberg and White House Chief of Staff Rahm Emanuel.
Goatse Security stole the data through a script on AT&T's website. All they needed to do was insert an ICC-ID as part of the HTTP request and the script returned the email address associated with that device.
Besides Spitler, an Andrew Auernheimer of Arkansas was also arrested and charged but it currently out on bond awaiting trial.