[BreachExchange] TEENAGE HACKER HOPING TO WORK FOR APPLE BROKE INTO THE COMPANY'S SECURE NETWORK
Destry Winant
destry at riskbasedsecurity.com
Sun Aug 19 23:16:33 EDT 2018
https://www.independent.co.uk/life-style/gadgets-and-tech/news/apple-hack-private-data-servers-teenager-australia-a8495851.html
A 16-year-old boy from Melbourne, Australia, has admitted to hacking
into Apple's main computer network and downloading sensitive files.
Apple said on Friday that no customer data had been compromised,
despite the teenager accessing more than 90 gigabytes of data.
The hacker, whose name cannot be made public due to his age, stored
the secure documents in a folder called "hacky hack hack", according
to a report in The Age newspaper that cited statements by the
teenager's lawyer.
Apple said information security personnel at the company “discovered
the unauthorised access, contained it, and reported the incident to
law enforcement” without commenting further on the specifics of the
case.
A spokesperson for Apple added: “We ... want to assure our customers
that at no point during this incident was their personal data
compromised."
After discovering the intrusion, Apple contacted the US Federal Bureau
of Investigation (FBI), who referred the case to the Australian
Federal Police (AFP).
The AFP carried out a raid on the teenager's suburban home, seizing
two laptops, a hard drive and a mobile phone.
A prosecutor said: "The serial numbers [of the laptops] matched the
serial numbers of the devices which accessed the internal systems... A
mobile phone and hard drive were also seized and the IP address...
matched the intrusions into the organisation.
“The purpose was to connect remotely to the company’s internal systems.”
Following the raid, the boy reportedly told police that he "dreamed"
of working for Apple when he was older.
Messages on the seized phone revealed the boy had boasted about
hacking Apple to contacts on the WhatsApp messaging service.
The boy pleaded guilty to hacking into Apple's internal network,
downloading files and accessing accounts, and will face sentencing on
20 September.
More information about the BreachExchange
mailing list