Security Experts:

Facebook Account Hack Lands British Man Behind Bars

A British man was sentenced to a year in prison for hacking the Facebook account of a U.S. citizen.

Gareth Crosskey, 21, of Lancing, West Sussex, was sentenced Wednesday following an investigation by the Metropolitan Police Service's Police Central e-Crime Unit (PCeU). According to PCeU, Crosskey gained unauthorized access to an unidentified individual’s Facebook account January 12, 2011. The breach was first reported to the FBI, who traced the source of the intrusion to the U.K. and passed the investigation off to the eCU.

Crosskey was arrested at his home July 14, 2011, for violating the Computer Misuse Act. Computers and other storage devices were recovered from his home as part of the investigation, authorities said. He pleaded guilty to the charges against him.

“The PCeU are working to detect and bring before the courts those responsible for this type of offence,” the police agency said in a statement. “(Wednesday’s) result should act as a deterrent to any individuals thinking of participating in this type of criminal activity. By taking swift action, PCeU officers were able to quickly detain Crosskey thereby preventing further disruption to the victim.”

In February, a software development student was sentenced to eight months in jail for hacking Facebook, in an act a judge said could have been “utterly disastrous” for the social networking giant. In that case, Glenn Mangham hacked a Facebook employee’s account in 2011 from his parents’ home in Britain.  He also accessed a number of Facebook’s servers, including a mail server used to run internal and external email lists, and downloaded the company’s source code.

Mangham’s defense was that he was an ethical hacker merely trying to expose security vulnerabilities so that they could be fixed. However prosecutors were not buying, and noted that the investigation cost Facebook $200,000. In April, Mangham posted a video and blog post online taking responsibility for the hack, but reiterated that he meant no harm.

“Others who are interested in uncovering security holes in Facebook's systems might be wise to take heed of Mangham's story,” Graham Cluley, senior technology consultant at Sophos, blogged at the time. “If you illegally access Facebook's computers while investigating a potential vulnerability, the social network may take a very dim view of your actions.”

Subscribe to the SecurityWeek Email Briefing
view counter