Last year a 16-year-old student from Australia was found to have repeatedly broken into Apple’s network and downloaded large amounts of secure data. Now a similar case has come to court with an even younger defendant, a teenager who was 13 when he began accessing Apple servers.
Both teens accessed secure Apple files and hid their identities using a VPN. However, the Apple systems recorded the serial numbers of the MacBooks used in the attacks and were able to trace the hackers’ locations. Apple reported the hacks to the FBI who investigated along with the Australian Federal Police.
The older teen received probation in his court case last year. Recently the younger teen has been in court, defending himself against hacking charges.
The teenager’s lawyer, Mark Twiggs, argued to the court that he was too young to understand the seriousness of what he was doing. “This offending started when my client was 13 years of age, a very young age,” Twiggs said, according to ABC. “He had no idea about the seriousness of the offense and hoped that when it was discovered that he might gain employment at this company. He didn’t know this was going to lead to anything other than a job at the end of it.”
The court clearly felt sympathy for the teenager, who was acknowledged to be highly skilled and more naive than malicious.
“He is clearly someone who is a gifted individual when it comes to information technology,” Magistrate David White said, according to ABC. “That being said, those who have this advantage of being gifted doesn’t give them the right to abuse that gift. The manner in which the world functions is one that is heavily reliant on computer technology and those who unlawfully interfere with those systems can do enormous amounts of damage.”
In the end, the teenager did not receive a conviction. He was placed on a bond of $500 and will have his behavior monitored for nine months.
Apple has not commented on this latest court case, but did refer to its previous statement in which it said: “At Apple, we vigilantly protect our networks and have dedicated teams of information security professionals that work to detect and respond to threats. In this case, our teams discovered the unauthorized access, contained it, and reported the incident to law enforcement. We regard the data security of our users as one of our greatest responsibilities and want to assure our customers that at no point during this incident was their personal data compromised.”
