Photobucket Hackers Nabbed, Face Serious Charges From US Authorities

The U.S. Department of Justice said in a statement released Friday that two men, Brandon Bourret, and Athanasios Andrianakis, of Colorado Springs, Colorado and Sunnyvale, California, respectively, were arrested for their sale of software designed to breach the security of photo-sharing site Photobucket.com; their "Photofucket" app, says the linked Register report, was used "to plunder Photobucket's users' private and password-protected information, images and videos, it has been alleged ... The charge sheet against Bourret and Andrianakis details one count of conspiracy and one count of computer fraud, aid and abet – both of which carry a maximum prison sentence of five years and a fine of up to $250,000. In addition, the men stand accused of two counts of access device fraud, which carries a higher prison sentence of up to 10 years and a fine of up to a quarter of a million dollars, per count." The indictment, filed in Federal District Court in Colorado, is far easier to read than many.

"Hacking" goes a little far here..

The assets in question were not "protected" by passwords, they were stored on publicly accessible and easily guessable URLs. I mean, if by protected by password they mean anyone without the password could take common camera file names and type in an easily guessable URL without the password then well ya.
 

Re:"Hacking" goes a little far here..

[Sqr(twg)]

What if the sign doesn't say "no entry", but instead "feel free to request any URL that you want" ?