A Massachusetts teenager has pleaded guilty in federal court to hacking into the networks of Internet and telephone service providers, stealing someone’s personal information and posting it online, according to a statement from Michael Sullivan, U.S. Attorney for Massachusetts.
Although a spokeswoman for Sullivan declined to name the victim in the case, The Washington Post cited sources close to the investigation as saying it was heiress Paris Hilton.
Earlier this year, a copy of Hilton’s T-Mobile USA Inc. cell phone address book appeared on the Web site of a group calling itself “illmob”.
The 17-year-old boy charged in the case was sentenced to 11 months’ detention in a juvenile facility, to be followed by two years of supervised release. During that time, he is barred from possessing or using any computer, cell phone or other electronic equipment capable of accessing the Internet.
The boy also pleaded guilty to making bomb threats to high schools in Florida and Massachusetts in March 2004, according to the statement. In August 2004, the teen logged into the computer system of a major Internet service provider using a program he installed on an employee’s computer; the Post identified the ISP as America Online Inc. The program he installed allowed him to use the computer remotely to access other computers on the ISP’s internal network and gain access to portions of the ISP’s operational information, prosecutors said.
In January 2005, the juvenile gained access to the internal computer system of T-Mobile International and was able to look up account information of the company’s customers. That led the teen to discover key information about Hilton, who had an account with T-Mobile. He then accessed the information stored on her mobile telephone and posted the information on the Internet, according to the Post.
Also in January, an associate of the juvenile set up accounts for him at a company that stores identity information involving millions of individuals, prosecutors said. (The Post identified this company as the LexisNexis Group.) The boy then looked at the identity information for a number of people, prosecutors said.
Last spring, the teen used a portable wireless Internet access device to send a bomb threat to a school in Massachusetts and local emergency services, twice requiring emergency units to respond to the school, which had to be evacuated, prosecutors said.
In June, the teen threatened a telephone company after a phone that a friend of his had fraudulently activated was shut off, prosecutors said. In a recorded phone call, the boy told the service provider that if it didn’t give him access to its computer system, he would cause its Web service to collapse through a denial-of-service attack. The telephone service provider refused, and about 10 minutes later the teen and others initiated an attack that succeeded in shutting down a significant portion of the company’s Web operations.
The investigation into the teen’s associates is continuing.
Prosecutors said victims in the various cases suffered damages of approximately $1 million.