Industry News

Apple hacked by 16-year-old who “dreamed” of working for firm

An Australian teenager has admitted hacking into Apple’s internal network and stealing 90 GB worth of files.

The 16-year-old, who cannot be named for legal reasons, has pleaded guilty to breaking into Apple’s systems on multiple occasions over the course of a year, from his parent’s home in Melbourne’s suburbs.

According to a report in The Age, the young hacker claimed to be a “fan” of the company, who “dreamed” of working for Apple one day.

The teen is thought to have attempted to hide his identity using a variety of tools, such as VPN software. But after Apple eventually spotted the unauthorised access of their internal systems they informed the FBI, who in turn worked with the Australian Federal Police to track down the intruder.

A search of the teenager’s home last year saw law enforcement officers seize two Apple laptops with serial numbers that “matched the serial numbers of devices which accessed the internal systems”, according to a prosecutor.

In addition, a mobile phone and hard drive was also seized.

According to the report, the boy is thought to have successfully accessed authorised login keys, and stored files in a folder labelled “hacky hack hack”.

In what is perhaps an indication of his immaturity, the teenage hacker is alleged to have bragged about his actions to others via WhatsApp.

An official statement from Apple, provided to the BBC, attempts to reassure Apple customers that their personal data was not at risk:

“We vigilantly protect our networks and have dedicated teams of information security professionals that work to detect and respond to threats.

“In this case, our teams discovered the unauthorised access, contained it, and reported the incident to law enforcement.

“We regard the data security of our users as one of our greatest responsibilities and want to assure our customers that at no point during this incident was their personal data compromised.”

Apple is understandably very sensitive to headlines that its systems may have been hacked, and there will no doubt be even greater embarrassment that it may have been successfully compromised for over a year by a boy aged just sixteen.

The boy is due to be sentenced on 20 September, and might serve as a warning to others: if you want to work for a company, it’s generally not a good idea to hack into it first.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

5 Comments

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Apple would do well to employ the lad rather than seek punishments , the systems they used are obviously poor if it was hacked by a minor.
    The FBI would do better to sue apple for wasting police time, it was hardly an intelligence agency that infiltrated the system. You can only surmise that Russia and China have both been in for a look around and covered their tracks on the way out. Pathetic!

  • That's funny and dangerous at the same time. Thankfully, no data was lost or leaked online. Props to the kid, though, for hacking into the servers of a trillion dollar company.

  • He should be paraded on TV by APPLE as their youngest new employee and show that although it is a crime it was and is Apple's fault for not safeguarding their own systems in the first place!! Whom they should shame and fire are the employee's who were charged with safeguarding their network and did not discover it till a year later. How else is the next generation going to gain trust in corporate work/life and pursue careers in STEM if they're punished for being curious?? This in no way helps the next crop of security engineers and security professionals in looking to help secure our systems!!

  • He wanted a white hat. Now, after prosecution, he'll get a black hat. He sounds good enough to cause havoc in the future. We could so easily employ his expertise to better secure Apple. Now, there'll be a vendetta by all black hats against Apple. Well done all of you!

  • Impressive, during a year? What a shame if its true.
    I fear terribly new generations, they are better prepared than ever for technology -also to commit fraud- and as someone said Apple would do well hiring it to take some pentesting procedures on their infrastructure. Huh!