Language Selection

English French German Italian Portuguese Spanish

AOL Worker Who Stole E-Mail List Sentenced

Filed under
Legal

A former America Online software engineer was sentenced Wednesday to a year and three months in prison for stealing 92 million screen names and e-mail addresses and selling them to spammers who sent out up to 7 billion unsolicited e-mails.

"I know I've done something very wrong," a soft-spoken and teary eyed Jason Smathers told U.S. District Judge Alvin Hellerstein.

The judge credited the 25-year-old former Harpers Ferry, W. Va., resident for his contrition and efforts to help the government before he pleaded guilty to conspiracy charges. A plea deal had called for a sentence of at least a year and a half in prison.

In a letter from Smathers to the court that was read partially into the record by Assistant U.S. Attorney David Siegal, Smathers tried to explain the crimes that AOL has said cost the company at least $400,000 and possibly millions of dollars.

"Cyberspace is a new and strange place," Siegal said Smathers wrote. "I was good at navigating in that frontier and I became an outlaw."

As the judge indicated he would be lenient toward Smathers, Siegal told Hellerstein that the public needs to learn from the case that the "Internet is not lawless."

"The public at large has an interest in making sure people respect the same values that apply in everyday life, on the Internet," Siegal said.

The judge imposed the reduced sentence of one year and three months, saying he recognized that Smathers cooperated fully with the government but did not have the kind of information that would have helped to build other criminal cases.

He said leniency was appropriate for "someone who tries hard to bare his soul but doesn't have the information the government needs."

In December, Hellerstein rejected the first attempt by Smathers to plead guilty, saying he was not convinced he had actually committed a crime. The judge accepted the plea in February, saying prosecutors had sufficiently explained why he had.

Smathers has admitted that he accepted $28,000 from someone who wanted to pitch an offshore gambling site to AOL customers, knowing that the list of screen names might make its way to others who would send e-mail solicitations.

The judge has recommended that Smathers be forced to pay $84,000 in restitution, triple what he earned. The imposition of restitution was delayed to give AOL a chance to prove the damages were much greater. The judge suggested the figure of at least $400,000 in damages was subjective.

Prosecutors said Smathers had engaged in the interstate transportation of stolen property and had violated a new federal CAN-SPAM law, short for Controlling the Assault of Non-Solicited Pornography and Marketing Act, which is meant to diminish unsolicited e-mail messages about everything from Viagra to mortgages.

In December, the judge said he had dropped his own AOL membership because he received too much spam.

America Online Inc., a wholly owned subsidiary of Time Warner Inc., has since launched a major assault on spam, significantly reducing unsolicited e-mails.

Smathers was fired by AOL last June. Authorities said he used another employee's access code to steal the list of AOL customers in 2003 from its headquarters in Dulles, Va.

Smathers allegedly sold the list to Sean Dunaway, of Las Vegas, who used it to send unwanted gambling advertisements to subscribers of AOL, the world's largest Internet provider. Charges are pending against Dunaway.

The stolen list of 92 million AOL addresses included multiple addresses used by each of AOL's estimated 30 million customers. It is believed to be still circulating among spammers.

The judge refused a Probation Department recommendation that Smathers be banned from his profession, saying he trusted Smathers had learned his lesson.

Associated Press

More in Tux Machines

today's howtos

Security: Uber Sued, Intel ‘Damage Control’, ZDNet FUD, and XFRM Privilege Escalation

  • Uber hit with 2 lawsuits over gigantic 2016 data breach
    In the 48 hours since the explosive revelations that Uber sustained a massive data breach in 2016, two separate proposed class-action lawsuits have been filed in different federal courts across California. The cases allege substantial negligence on Uber’s part: plaintiffs say the company failed to keep safe the data of the affected 50 million customers and 7 million drivers. Uber reportedly paid $100,000 to delete the stolen data and keep news of the breach quiet. On Tuesday, CEO Dara Khosrowshahi wrote: “None of this should have happened, and I will not make excuses for it.”
  • Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities [Ed: ‘Damage control’ strategy is to make it look like just a bug.]
    While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
  • Open source's big weak spot? Flawed libraries lurking in key apps [Ed: Linux basher Liam Tung entertains FUD firm Snyk and Microsoft because it suits the employer's agenda]
  • SSD Advisory – Linux Kernel XFRM Privilege Escalation

gThumb 3.6 GNOME Image Viewer Released with Better Wayland and HiDPI Support

gThumb, the open-source image viewer for the GNOME desktop environment, has been updated this week to version 3.6, a new stable branch that introduces numerous new features and improvements. gThumb 3.6 comes with better support for the next-generation Wayland display server as the built-in video player, color profiles, and application icon received Wayland support. The video player component received a "Loop" button to allow you to loop videos, and there's now support for HiDPI displays. The app also ships with a color picker, a new option to open files in full-screen, a zoom popover that offers different zoom commands and a zoom slider, support for double-click activation, faster image loading, aspect ratio filtering, and the ability to display the description of the color profile in the property view. Read more Also: Many Broadway HTML5 Backend Improvements Land In GTK4

ExTiX 18.0, 64bit, with Deepin Desktop 15.5 (made in China!) and Refracta Tools – Create your own ExTiX/Ubuntu/Deepin system in minutes!

I’ve made a new extra version of ExTiX with Deepin 15.5 Desktop (made in China!). Deepin is devoted to providing a beautiful, easy to use, safe and reliable system for global users. Only a minimum of packages are installed in ExTiX Deepin. You can of course install all packages you want. Even while running ExTiX Deepin live. I.e. from a DVD or USB stick. Study all installed packages in ExTiX Deepin. Read more Also: ExTiX, the Ultimate Linux System, Now Has a Deepin Edition Based on Ubuntu 17.10 Kali Linux 2017.3 Brings New Hacking Tools — Download ISO And Torrent Files Here