Published January 13, 2015
A hacker broke into a wireless carrier's network over at least seven months and read e-mails and personal computer files of hundreds of customers, including the Secret Service (search) agent investigating the hacker, the government said Wednesday.
The hacker obtained an internal Secret Service memorandum and part of a mutual assistance legal treaty from Russia (search). The documents contained "highly sensitive information pertaining to ongoing ... criminal cases," according to court records.
The break-in targeted the network for Bellevue, Wash.-based T-Mobile USA (search), which has 16.3 million customers in the United States. It was discovered during a broad Secret Service investigation, "Operation Firewall," which targeted underground hacker organizations known as Shadowcrew, Carderplanet and Darkprofits.
Nicolas Lee Jacobsen, 21, of Santa Ana, Calif., a computer engineer, has been charged with the break-in in U.S. District Court in Los Angeles. Investigators said they traced the hacker's online activities to a hotel near Buffalo, N.Y., where Jacobsen was staying.
Jacobsen, who was arrested in October in California, has been released on a $25,000 bond posted by his uncle, who was ordered to keep his own personal computer locked up so Jacobsen couldn't use it.
The hacker was able to view the names and Social Security numbers of 400 customers, all of whom were notified in writing about the break-in, T-Mobile said. It said customer credit card numbers and other financial information never were revealed.
"Safeguarding T-Mobile customer information is a top priority for the company," said a spokesman, Peter Dobrow. He said T-Mobile discovered the break-in late in 2003 and "immediately took steps that prevented any further access to this system."
Court records said the hacker had access to T-Mobile customer information from at least March through October last year.
An online offer in March 2004, traced to Jacobsen, claimed hackers could look up the name, Social Security number, birth date and passwords for voice mails and e-mails for T-Mobile customers, court records said.
The Secret Service said its agent, Peter Cavicchia, should not have been using his personal handheld computer for government work. Cavicchia, a respected investigator who has specialized in tracking hackers, was a T-Mobile customer who coincidentally was investigating the T-Mobile break-in, according to court documents and a Secret Service spokesman, Jonathan Cherry.
Cavicchia, who won the Secret Service's medal of valor for his actions in the Sept. 11, 2001, terror attacks, resigned to work in the private sector. He told The Associated Press he was not asked to leave and said he was cleared during an internal investigation into whether he had improperly revealed sensitive information or violated agency rules.
The case against Jacobsen was first reported by the Web site Security Focus, which is owned by Symantec Corp.
Cherry, the Secret Service spokesman, said the agency's own e-mail servers were not affected by the T-Mobile break-in. "The account was a personal account of a Secret Service agent that was for a time compromised," Cherry said.
Cavicchia's T-Mobile handheld computer contained "very limited investigative material" that was obtained by the hacker, Cherry said, adding that no government investigations were compromised. Cherry said Secret Service policies prohibit agents from keeping work-related files on personal computers.
Cavicchia said Secret Service supervisors frequently e-mailed documents and other files to his wireless computer to review while he was traveling. "The only way for me to review documents while I was on the road was for them to send them to that address, which they knew wasn't an agency address," Cavicchia said.
John Frazzini, a former Secret Service agent, praised Cavicchia, who worked on some of the government's most sensational hacker cases. "His record is one of the most impressive that I have seen in the area of cybercrime investigations," Frazzini said.