As cyberthreats mount, hacker’s conviction underscores criticism of government overreach

Their guns drawn, a dozen federal agents, police and forensics experts kicked in the door of a run-down two-story home in Arkansas shortly after dawn, barged inside and ordered the occupants to put their hands on their heads. The target of the raid was neither terrorist nor bank robber. He was a 24-year-old computer hacker suspected of handing off stolen e-mail addresses to the media. With that, the Justice Department began a case that has come to symbolize what some lawyers and civil libertarians see as overreach in the government’s campaign against cybercrime.

The hacker, Andrew Auernheimer, was convicted and sentenced last month to more than three years in prison for obtaining about 120,000 e-mail addresses of iPad users from AT&T’s Web site — including New York Mayor Michael R. Bloomberg (I), Hollywood executive Harvey Weinstein and other prominent figures — and giving them to the Web site Gawker. At the time it happened three years ago, the data breach jolted federal officials because it affected one of the nation’s most prominent companies and triggered fears about the security of increasingly popular mobile devices. Yet only a few, heavily redacted e-mail addresses were published, court documents show. No one’s account was broken into. AT&T fixed the problem in about an hour, and a company official testified that there probably was not enough evidence to sue the hackers.