Despite predictions that the two Goatse Security members arrested for the AT&T breach will likely plead not guilty to the charges of identity theft and conspiracy to access a computer without authorization, one of them ended up pleading guilty on both counts.
For all the initial protestations that they compromised the AT&T site only to point out its poor security, Daniel Spitler has had a change of heart and is now awaiting sentencing that is scheduled for the end of September. The maximum sentence for each charge is five years in prison and a $250,000 fine.
Andrew Auernheimer, the other arrested Goatse member, is still out on bail and is expected to be indicted at the end of the year.
According to the NYT, AT&T has offered no comment about the court’s decision.
At the time of the breach, the situation raised quite a few questions about the security of AT&T servers, especially because amidst the 114,000 iPad owners’ emails and account IDs exposed, there were quite a few belonging to staffers in Senate, Department of Justice, DHS, and other state and federal institutions, various CEOs and media moguls.