[ISN] Hackers post Paris Hilton's address book online

InfoSec News isn at c4i.org
Tue Feb 22 09:13:05 EST 2005


[My understanding of the Danger Hiptop/T-Mobile Sidekick is that
unlike Blackberry's or Palm PDA's, the Sidekick does a real time sync
with the T-Mobile servers automatically. Update a note, take a photo or 
a phone number and the information is transmitted on the fly back to 
T-Mobile network servers, compromise the internal servers, and more then 
likely you wouldn't need physical access to PDA to steal the data.  - WK]

By Paul Roberts
FEBRUARY 21, 2005 

Hackers penetrated the crystalline ranks of Hollywood celebrity 
Saturday, posting the cellular phone address book of hotel heiress and 
celebrity Paris Hilton on a Web page and passing the phone numbers and 
e-mail addresses of some of Tinsel Town's hottest stars into the 
public realm. 

A copy of Hilton's T-Mobile USA Inc. cell phone address book appeared 
on the Web site of a group calling itself "illmob." The address book 
contains information on over 500 of Hilton's acquaintances, including 
super celebrities such as Eminem and Christina Aguilera. It is not 
known how the information was obtained, but the release of the contact 
book may be further fallout from a hack of T-Mobile's servers that 
came to light in January. 

The Hilton address book was posted on the illmob Web site early Sunday 
and is a simple HTML table listing the phone numbers and e-mail 
addresses for acquaintances, along with other useful information, such 
as the number of the San Francisco Hilton Hotel and celebrity attorney 
Robert Shapiro. 

The leak is bound to prompt a furious round of unplanned number 
changes among Hilton's coterie, after fans and curious Web surfers 
learned of the hack and began dialling their favorite celebrities. 

Eminem's phone number was changed. Limp Bizkit front man Fred Durst's 
voice mailbox was full. Tennis star Anna Kournikova's number was busy, 
despite repeated attempts to get through. Robert Shapiro's answering 
machine picked up when called and provided a number to page the star 
attorney in an emergency. 

There was no answer at Hilton's home, nor did sister Nicky Hilton 
answer calls to her phone. 

Reached by phone, actor Kevin Connelly, of the cable television show 
"Entourage," said he had received between 200 and 300 phone calls 
since early Sunday, as word of the hacked address book spread across 
the Internet. Connelly plays opposite Adrian Grenier in the HBO show 
about a young celebrity and his colorful entourage of old school 
chums. He declined to comment on whether he knew Hilton or why his 
name appeared in her T-mobile phone list. 

Connelly, who received at least one other call while on the line with 
this reporter, said he would likely change his phone number today to 
stop the harassment. 

It was unclear yesterday how the cell phone contact list was obtained. 
However, Hilton's was one of a number of celebrity cell phones that 
was reportedly compromised in an attack on T-Mobile's network that 
netted information on 400 of the company's customers, including 
sensitive information from the account of a U.S. Secret Service agent. 

In January, the Bellevue, Wash., mobile carrier acknowledged that 
Nicholas Jacobsen, a California-based hacker, compromised its internal 
computer systems in 2003 and viewed the Social Security numbers of 400 
customers. T-Mobile, which is part of Deutsche Telekom AG, did not 
immediately respond to requests for comment late Sunday. 

Jacobsen pleaded guilty last week to one felony charge of accessing a 
protected computer and causing reckless damage. He is scheduled to be 
sentenced in May and faces a maximum possible sentence of five years 
imprisonment and a $250,000 fine. 

More information about the ISN mailing list