Unauthorized Access

Bits ‘n Pieces

In the justice system: Following up on a story here: former State Department employee Dwayne F. Cross was sentenced to 12 months of probation and ordered to perform 100 hours of community service for illegally accessing more than 150 confidential passport application files. More. Identity theft to obtain medical services is not new, but...

Australian hacker sentenced for 3 years

Following up on the story reported last week, Renai LeMay and Alex Serpo of ZDNet Australia report that David Anthony McIntosh, the former CSG employee who crashed several government services at Berrimah Prison, Royal Darwin Hospital and the Supreme Court on May 5 last year and who deleted over 10,000 public servants from the...

Did The BBC break the law in its botnet report?

So…. did The BBC break the law when it bought and implemented a 22,000-strong botnet as part of its Click news reporting? Nick Farrell of IT Examiner reports that Sophos’ Graeme Cluely suggests that they did because the UK Computer Misuse Act makes it an offense in the United Kingdom to access another person’s...

Sprint: Employee Stole Customer Data (updated)

Brian Krebs of Security Fix reports that Sprint  sent letters to several thousand customers  to inform them that a former employee sold or otherwise provided their account data without permission between December 2008 and January 2009. Updated Apr. 1: Sprint’s notification (pdf) to the NH Attorney General is now available online.

T-Mobile case update: indicted men were not employees

As an update to the story here: A spokesperson for the U.S. Attorney’s Office informs me that the 5 men who were indicted today were not employees of T-Mobile. They allegedly accessed and acquired the customer data via an authorization code that they obtained from the owner of a T-Mobile store. The owner of...