A U.S. wireless carrier was hacked over seven months by a person reading e-mails and personal files – including those of a Secret Service agent probing the hacks – while South Africa was hit with the largest Web hack in its history last weekend by a Moroccan group calling itself Team-evil.
The T-Mobile hacking reportedly began in late 2003, and the company tipped off the Secret Service. The hacker is believed to have gotten names and Social Security numbers but not credit card information.
"This same person is also believed to be involved in other attempts to gain unauthorized access to customer information," T-Mobile said in a statement. "The Secret Service is investigating these allegations, and T-Mobile is cooperating to the fullest extent, including with regard to the allegations that customer photos have been subject to unauthorized access."
But it turned out that Secret Serviceman Peter Cavicchia was one of the compromised T-Mobile customers. The hacker, believed to be Nicholas Jacobsen, a computer engineer, broke into and stole some of Cavicchia’s personal and work files, which Cavicchia kept on T-Mobile servers, and tried selling those files, T-Mobile said.
Cavicchia’s account, however, “had very limited investigative material on it, which should not have been kept on a personal PDA – that's against Secret Service policy," agency spokesman Jonathan Cherry told reporters. "No investigative operations were compromised in regards to this intrusion." The Secret Service has been conducting a probe of underground hacker groups, a probe known as Operation Firewall.
South Africa might wish they had a probe like that going after the January 8 hack against a Johannesburg Internet service provider, Gamco, by the Team-evil group. The group hit over 260 sites managed by the ISP, crippling them for the short term and pasting up messages calling the U.S. and Israel terrorists.
The hack hit more South African-based Websites in a day than had ever been damaged before since South Africa became an Internet country. Gamco officials told South African media that the damage was repaired within two hours.
South Africa punishes hackers with five years in prison, but authorities acknowledge it’s difficult to hunt down foreign-based hackers. Team-evil is thought by authorities in South Africa to involve four hackers tied to an Albanian cybercrime group.
