Australian teen hacked Apple's corporate network, accessed data and user accounts
Teen pleads guilty to downloading 90GB of secure files from Apple's internal systems and accessing customer accounts in repeated hacks from his suburban home.
A teenage hacker in Melbourne, Australia, repeatedly broke into Apple's computer systems and downloaded approximately 90 gigabytes of secure files and accessed customer accounts before he was caught. That's according to a report Thursday by The Age, which cited court proceedings.
The hacker was an Apple fan who "dreamed" of working for the company, the newspaper said. The defendant pleaded guilty, with sentencing set for next month.
Apple last year alerted the FBI, who in turn coordinated the case with Australian authorities. A prosecutor said that Apple was "very sensitive about publicity," with the case successfully kept out of the media until the court proceedings this week.
Aside from the 90 gigabytes of data, it's unknown how widespread the breach was, what type of accounts or other information were accessed, or whether the breach was worldwide or in any way localized to Australia.
Apple has not commented on the case.
It is unknown if any of the acquired data was provided to third parties. It is understood the hacker communicated with others on Whatsapp about the intrusion, though the content of the conversations was not released.
Earlier this week, Australia's government scheduled a debate over whether to force a weakening of encryption by Apple and other companies. In June, Apple was fined $6.7 million by Australian regulators over iPhone and iPad repair practices.
A teenage hacker in Melbourne, Australia, repeatedly broke into Apple's computer systems and downloaded approximately 90 gigabytes of secure files and accessed customer accounts before he was caught. That's according to a report Thursday by The Age, which cited court proceedings.
The hacker was an Apple fan who "dreamed" of working for the company, the newspaper said. The defendant pleaded guilty, with sentencing set for next month.
Apple last year alerted the FBI, who in turn coordinated the case with Australian authorities. A prosecutor said that Apple was "very sensitive about publicity," with the case successfully kept out of the media until the court proceedings this week.
Aside from the 90 gigabytes of data, it's unknown how widespread the breach was, what type of accounts or other information were accessed, or whether the breach was worldwide or in any way localized to Australia.
Apple has not commented on the case.
"Hacky hack hack"
The young hacker, whose name was not released for legal reasons, was caught after his home was raided last year by authorities, who found his files in a computer folder marked "hacky hack hack." Australian Federal Police also seized two Apple laptops, and found that the accused had obtained "authorized keys" to access Apple's systems.It is unknown if any of the acquired data was provided to third parties. It is understood the hacker communicated with others on Whatsapp about the intrusion, though the content of the conversations was not released.
Earlier this week, Australia's government scheduled a debate over whether to force a weakening of encryption by Apple and other companies. In June, Apple was fined $6.7 million by Australian regulators over iPhone and iPad repair practices.
Comments
SMS is much more universal than ‘Whatsapp’
Although it is much less secure than iMessage.
Just in case some smart Alec comes forward with "intelligent advice" that one could call Apple to resolve the issue... well I did and many did. No help. Visionary is visionary - does not give damn about solving fundamental problems first.
One would think in an abundance of caution Apple would have at least sent out password reset notifications to any affected customers.
Apple never ask for SS # but everything else they have.
So...it would seem the criminal simply obtained some sort of password or keys to access a computer system without proper authorization. I don't see that as "hacking" but just poor management by the owner of the system. To be sure, accessing a computer system without proper authorization (e.g. use of another's password) is a crime in the US.