Security threats Toolkit

Hilton hacker sent down

Tags:
Paris Hilton,
Hacking,
Sidekick

Joris Evers CNET News.com

Published: 15 Sep 2005 09:25 BST

A Massachusetts teen who admitted to accessing T-Mobile USA's internal systems and posting data from Paris Hilton's mobile phone on the Web will serve 11 months in a juvenile facility.

The teenager pleaded guilty last week to a series of hacking incidents, the theft of personal information and making bomb threats to high schools in Florida and Massachusetts, according to a statement from the US attorney for the district of Massachusetts.

All crimes took place over a 15-month period, beginning in March 2004. Victims suffered a total of about $1m (£600,000) in damages, according to the statement.

One of the crimes involves gaining unauthorised access to internal T-Mobile USA systems in January this year, a representative of the wireless carrier, a subsidiary of T-Mobile, said Wednesday.

The perpetrator's name is not being disclosed because he is a juvenile.

The young man was sentenced to 11 months of detention in a juvenile facility, to be followed by two years of supervised release. During the entire period, he is barred from owning or using a PC, mobile phone or any other device that can access the Internet, according to the statement.

Investigations into possible accomplices of the teenager are ongoing, the statement said.

Having gained access to T-Mobile USA's systems, the teen found information Paris Hilton stored on her Sidekick, a mobile device that lets users make calls, surf the Web, take pictures, and send e-mail and instant messages.

The unnamed teen subsequently published the information, which included racy pictures and phone numbers of Hilton's celebrity contacts, on the Web. The numbers included those of rapper Eminem, actor Vin Diesel, singers Christina Aguilera and Ashlee Simpson, and tennis players Andy Roddick and Anna Kournikova.

Hilton could not be reached for comment on the case because she was travelling in a country where her cell phone does not work, her publicist Robert Zimmerman said on Wednesday.

Besides nabbing the personal information of socialite-turned-reality-show celebrity Hilton, the teenager used the T-Mobile access to create telephone accounts for himself and friends without paying for them, the T-Mobile representative said.

"We're pleased that he has been brought to justice," T-Mobile spokesman Peter Dobrow said. "We dedicated significant resources to help bring this criminal to justice." The carrier has made changes to ensure that such breaches don't happen again, he said.

In addition to the T-Mobile incident and making bomb threats at high schools, the teen admitted to hacking into the network of a major ISP, a data broker and a second major telephone provider, according to the US attorney statement.

In the case of the ISP, the teen was able in August 2004 to access computers on the company's internal network and obtain proprietary information by installing a rogue program on an employee's computer, according to the statement. The ISP was America Online, a source familiar with the matter said on Wednesday.

In January, the minor gained access to the systems of a data broker, which he used to look up information on individuals, according to the US Attorney's statement. The data broker is LexisNexis, WashingtonPost.com reported. LexisNexis earlier this year said an intrusion into its databases may have compromised personal information of about 310,000 Americans.

In June, a second phone company became a victim to the juvenile's attack, according to the US Attorney's statement. A phone that had been activated fraudulently was disabled, and the teen retaliated with a denial-of-service attack on the company's Web site when it refused to reactivate the phone.

"Computer hacking is not fun and games. Hackers cause real harm to real victims," US Attorney Michael Sullivan said in the statement. "Would-be hackers... should be put on notice that such criminal activity will not be tolerated."