massive T-mobile security intrusion

[David Farber <dave () farber net>]

------ Forwarded Message
From: PRIVACY Forum <privacy () vortex com>
Date: Wed, 12 Jan 2005 11:12:25 -0800
To: <dave () farber net>
Cc: <lauren () vortex com>
Subject: massive T-mobile security intrusion


< NOT FOR IP >

------- Forwarded Message

Return-Path: list-maint () vortex com
Delivery-Date: Wed Jan 12 11:10:07 2005
Return-Path: <list-maint () vortex com>
Received: from nova.vortex.com (nova.vortex.com [67.119.61.36])
 by chrome.vortex.com (8.12.6/8.12.6) with ESMTP id j0CJA6FD017982
 for <privacy@[67.119.61.37]>; Wed, 12 Jan 2005 11:10:07 -0800 (PST)
Received: from rwcrmhc12.comcast.net (rwcrmhc12.comcast.net
[216.148.227.85])
 by nova.vortex.com (8.12.6/8.12.6) with ESMTP id j0CJ9sTT018427
 for <privacy () vortex com>; Wed, 12 Jan 2005 11:10:00 -0800 (PST)
Received: from rwcrmhc12.comcast.net (localhost[127.0.0.1])
          by comcast.net (rwcrmhc12) with ESMTP
          id <2005011219095201400fkalre>; Wed, 12 Jan 2005 19:09:52 +0000
Received: from [10.0.1.5] (h000393e0dd85.ne.client2.attbi.com[24.91.73.141])
          by comcast.net (rwcrmhc12) with ESMTP
          id <2005011219044201400gmk8he>; Wed, 12 Jan 2005 19:04:45 +0000
X-Comment: AT&T Maillennium special handling code - c
Mime-Version: 1.0
X-Sender:  (Unverified)
Message-Id: <p06110438be0b248f8220@[10.0.1.5]>
Date: Wed, 12 Jan 2005 14:04:44 -0500
To: undisclosed-recipient:;
From: Monty Solomon <monty () roscom com>
Subject: Hacker penetrates T-Mobile systems
Content-Type: text/plain; charset="us-ascii"
X-Scanned-By: milter-spamc/0.10.108 (neon [127.0.0.1]); Wed, 12 Jan 2005
11:10:01 -0800
X-Spam-Flag: NO
X-Spam-Status: NO, hits=-97.50 required=6.00
X-Spam-Level: 

Hacker penetrates T-Mobile systems

By Kevin Poulsen ,SecurityFocus
Jan 11 2005  7:43PM

A sophisticated computer hacker had access to servers at wireless
giant T-Mobile for at least a year, which he used to monitor U.S.
Secret Service e-mail,  obtain  customers' passwords and Social
Security numbers, and download candid photos taken by Sidekick users,
including Hollywood celebrities, SecurityFocus has learned.

Twenty-one year-old Nicolas Jacobsen was quietly charged with the
intrusions last October, after a Secret Service informant helped
investigators link him to sensitive agency documents that were
circulating in underground IRC chat rooms. The informant also
produced evidence that Jacobsen was behind an offer to provide
T-Mobile customers' personal information to identity thieves through
an Internet bulletin board, according to court records.

Jacobsen could access information on any of the Bellevue,
Washington-based company's 16.3 million customers, including many
customers' Social Security numbers and dates of birth, according to
government filings in the case. He could also obtain voicemail PINs,
and the passwords providing customers with Web access to their
T-Mobile e-mail accounts. He did not have access to credit card
numbers.

...

Cavicchia was the agent who last year spearheaded the investigation
of Jason Smathers, a former AOL employee accused of stealing 92
million customer e-mail addresses from the company to sell to a
spammer. The agent was also an adopter of mobile technology, and he
did a lot of work through his T-Mobile Sidekick -- an all-in-one
cellphone, camera, digital organizer and e-mail terminal. The
Sidekick uses T-Mobile servers for e-mail and file storage, and the
stolen documents had all been lifted from Cavicchia's T-Mobile
account, according to the affidavit.

...

http://www.securityfocus.com/news/10271


------- End of Forwarded Message


------ End of Forwarded Message


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/