Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Penetrates T-Mobile Systems

Posted by timothy on from the sounds-like-a-movie-plot dept.

An anonymous reader writes "SecurityFocus.com reports 'a sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities.' Demi Moore and Paris Hilton are involved."

12 of 396 comments (clear)

  1. linkie? and recruitment by BoldAC · · Score: 5, Insightful

    Genovese provided SecurityFocus with an address on his website featuring what appears to be grainy candid shots of Demi Moore, Ashton Kutcher, Nicole Richie, and Paris Hilton.

    Okay, all my Karma points for a link. :)

    The same source also offers an explanation for the secrecy surrounding the case: the Secret Service, the source says, has offered to put the hacker to work, pleading him out to a single felony, then enlisting him to catch other computer criminals in the same manner in which he himself was caught. The source says that Jacobson, facing the prospect of prison time, is favorably considering the offer.

    As much as we make fun of the computer knowledge of our governments, they finally seem to be on the right track. You must have some of these guys in your pocket to really have a chance. Can you trust them? Probably not completely... but if they bring you some knowledge, skills, and some of the most damaging players, then it's worth it.

  2. His Resume is posted online ! by Anonymous Coward · · Score: 5, Informative

    http://lists.jammed.com/securityjobs/2001/09/att-0 059/01-RESUME_OF_NICHOLAS_JACOBSEN.txt

    1. Re:His Resume is posted online ! by Anonymous Coward · · Score: 5, Informative
      http://lists.jammed.com/securityjobs/2001/09/att-0 059/01-RESUME_OF_NICHOLAS_JACOBSEN.txt

      Clicky... AC, so no karma whoring for me. :-)

  3. The News by DrugCheese · · Score: 5, Insightful

    I bet the American public will be more flabergasted over the fact that he has pictures of Demi Moore and Paris Hilton that haven't been released then the fact he was spying on the Secret Service.

    Some days I'm proud to be american, but then the drugs wear off.

    --
    *DrugCheese rants*
  4. Re:Argh... by Anonymous Coward · · Score: 5, Funny

    you mean cracker?

    How do you know he's white?

  5. Re:Get Moore !?! by lucabrasi999 · · Score: 5, Informative
    Q: If I were a customer and I found out that my identity has been stolen, could I sue T-Mobile for any damages since they knew of the problem, or perhaps for just having breakable security?

    RTFA:

    T-Mobile, which apparently knew of the intrusions by July of last year, has not issued any public warning. Under California's anti-identity theft law "SB1386," the company is obliged to notify any California customers of a security breach in which their personally identifiable information is "reasonably believed to have been" compromised. That notification must be made in "the most expedient time possible and without unreasonable delay," but may be postponed if a law enforcement agency determines that the disclosure would compromise an investigation.

    It appears that if you sue, you won't win.

  6. But how could he NOT get caught? by HawkinsD · · Score: 5, Insightful

    FA says that he was offering ssn, dob, passwords, etc. for sale.

    So... let's say that I want to patronize his obviously grossly illegal service. How do you consummate a transaction like this? Cash in a Fedex envelope? Sent to whom? A P.O. box?

    Who performs first? Are there criminal escrow services?

    And how stupid do you have to be to take out an ad online, in a known criminal hangout, announcing your secret power, and providing contact info?

    Is there something I'm missing here?

    No, really.

    --
    Never attribute to malice that which can be explained by mere idiocy.
  7. Comment removed by account_deleted · · Score: 5, Insightful

    Comment removed based on user account deletion

  8. Are budget cuts that severe? by motherjoe · · Score: 5, Insightful

    Why on earth is the Secret Service of the United States using T-Mobile as an ISP/Email provider?

    What's next? The FBI, CIA, etc is compromised while using hotmail, Yahoo, or Google mail?

    Are Gov IT cutbacks so severe they have to turn to places like this to send messages?

    --
    "Beer is proof that God loves us and wants us to be happy - Benjamin Franklin"
  9. Re:Get Moore !?! by lucabrasi999 · · Score: 5, Interesting

    As I read even more of the FA:

    According to court records the massive T-Mobile breach first came to the government's attention in March 2004, when a hacker using the online moniker "Ethics" posted a provocative offer on muzzfuzz.com, one of the crime-facilitating online marketplaces being monitored by the Secret Service as part of Operation Firewall.
    "[A]m offering reverse lookup of information for a t-mobile cell phone, by phone number at the very least, you get name, ssn, and DOB at the upper end of the information returned, you get web username/password, voicemail password, secret question/answer, sim#, IMEA#, and more," Ethics wrote.

    It appears the feds knew about this months ago.

  10. Re:Not-so Secret Service by fizban · · Score: 5, Insightful

    Hello? Welcome to the United States. The internet infrastructure is built and controlled by companies. It's not like our government agencies have their own internet. If a Secret Service Agent needs to send an email to the home office, he'll pick up his sidekick, his Blackberry, his Palm, his laptop, etc., connect to a service provider like T-mobile, Verizon, Comcast, etc. and send his message or store his files. Probably encrypted, but maybe not always if it's not a considered a very sensitive communication.

    A lot of people have crazy delusions that secret agencies live in some far off technical wonderhome, where all communications are encrypted with some super 733t MD67 algorithm never before seen by any other person in the world, all access is controlled by handprint and retinal scan identification and everyone walks around with James Bond gadgets in their pockets. It's just not so. These people live and work in normal offices and normal homes and deal with the same crappy, bug-ridden and insecure hardware and software that the rest of us do. It's probably a bit better than your normal corporate office, but not by much.

    --

    +1 Insightful, -1 Troll. What can I say, I'm an Insightful Troll.

  11. Are you new here? by copponex · · Score: 5, Insightful

    Situational ethics are pervasive in our society. Steal 100,000,000 through insurance fraud, you get 5 years. Rob 10,000 at a bank, and get 20.

    This is also the same country where we gave a dictator the technology and biological weapons to kill his own people by the tens of thousands, and used that as a reason 15 years later to depose him.

    Get used to it.