More

HuffPost Social Reading

Glenn Mangham Sentenced To Prison After 'Extensive' Facebook Hack

Glenn Mangham

By RAPHAEL SATTER   02/17/12 02:45 PM ET  AP

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy

LONDON -- A British student who stole sensitive information from Facebook's internal network was sentenced to eight months in prison Friday in what prosecutors described as the most serious case of social media hacking ever brought before the country's courts.

Prosecutor Sandip Patel said that Glenn Mangham, 26, had hacked into the social networking giant's computers from his bedroom in the northern England city of York and stole what was described as "invaluable" intellectual property.

"He acted with determination, undoubted ingenuity and it was sophisticated, it was calculating," Patel told London's Southwark Crown Court ahead of sentencing Friday. He added later: "This represents the most extensive and grave incident of social media hacking to be brought before the British courts."

London Chief Prosecutor Alison Saunders echoed Patel's description, saying in a statement that Mangham's actions were "extensive and flagrant." It was not immediately clear exactly what he stole, although Saunders said that no personal user data had been compromised.

Scotland Yard said in a statement that the breach had occurred "over a short period of time" in April of last year. The court was told that Mangham had obtained the information after hacking into the account of a Facebook employee while the staff member was on vacation.

The police statement said that Facebook Inc. discovered the breach in May and alerted the FBI, who traced the source of the attack back to Britain. Scotland Yard's e-crimes unit raided Mangham's home on June 2.

The software development student pleaded guilty on Dec. 13. His lawyer, Tony Ventham, described Mangham as an "ethical hacker" who saw the stunt as a challenge – and stressed that his client had never tried to sell the stolen data or pass it on to anyone else.

"This is someone who in previous times would have thrown everything aside to seek the source of the Nile," Ventham said. "He was in his own world, his own bedroom, his own mind, his own project and certainly his intention throughout was to contact Facebook in due course when he had rectified their problems."

But while Judge Alistair McCreath accepted that Mangham had not tried to profit from his crime, he said that the defendant's actions still had "very serious potential consequences" which could have been "utterly disastrous" for Facebook.

"This was not just a bit of harmless experimentation," McCreath told Mangham. "You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance."

The Palo Alto, California-based Facebook said in a statement that it applauded police and prosecutors' efforts in the case, adding: "We take any attempt to gain unauthorized access to our network very seriously."

The company, which boasts some 845 million users worldwide, recently filed papers for its initial public offering at the beginning of this month, putting it on track to price its stock in May or June.

Facebook is expected to be valued at $75 billion to $100 billion.

___

Online:

Related on HuffPost:

Check out the most common Facebook hacks and attacks.

  • Clickjacking

    Clickjackers on Facebook entice users to copy and paste text into their browser bar by posting too-good-to-be-true offers and eye-catching headlines. Once the user infects his own computer with the malicious code, the clickjackers can take control of his account, spam his friends and further spread their scam. For example, clickjacking schemes hit Facebook soon after bin Laden's death and spread like wildfire by purporting to offer users a glimpse at <a href="http://www.huffingtonpost.com/2011/05/04/bin-laden-death-video-hoax_n_857730.html" target="_hplink">video or photos of bin Laden's death</a>.

  • Fake Polls Or Questionnaires

    If you click on an ad or a link that takes you to questionnaire on a site outside Facebook, it's best to close the page. When you complete a fake quiz, you help a scammer earn commission. Sometimes the quiz may ask you to enter your mobile number before you can view your results. If the scammers get your number, they could run up charges on your account.

  • Phishing Schemes

    Phishers go after your credentials (username, password and sometimes more), then take over your profile, and may attempt to gain access to your other online accounts. Phishing schemes can be difficult to spot, especially if the scammers have set up a page that resembles Facebook's login portal.

  • Phony Email Or Message

    <a href="http://www.facebook.com/help/?page=1187" target="_hplink">Facebook warns</a> users to be on the lookout for emails or messages from scammers masquerading as "The Facebook Team" or "Facebook." These messages often suggest "urgent action" and may ask the user to update his account. They frequently contain links to malware sites or virus-ridden attachments. They may even ask for your username and password. The best advice Facebook offers is to report the sender and delete the messages without clicking anything.

  • Money Transfer Scam

    If a friend sent you a desperate-sounding Facebook chat message or wall post asking for an emergency money transfer, you'd want to help, right? Naturally. That's what makes this scam so awful. The point is to get you to wire money to scammers via Western Union or another transfer service.

  • Fake Friend Request

    Not all <a href="http://www.huffingtonpost.com/2011/02/10/facebook-friend-request-spam_n_821584.html?page=1" target="_hplink">friend requests</a> come from real people, despite Facebook's safeguards against bots. Some Facebook accounts exist purely to establish broad connections for spamming or extracting personal data from users, so watch out whose friend requests you accept.

  • Fake Page Spam

    Malicious pages, groups or event invitations aim to trick the user into performing actions that Facebook considers "abusive." For instance, a fake invite might offer a prize if you forward it to all your friends or post spammy content on their walls. Sometimes a scammer will set up fake pages as a front for a clickjacking or phishing scheme.

  • Rogue Apps

    Malicious apps are pretty common on Facebook these days. They can be a cover for phishing, malware, clickjacking or money transfer schemes. Oftentimes, the apps look convincingly real enough for users to click "Allow," as they would do with a normal Facebook app. However, rogue apps use this permission to spread spam through your network of friends. For example, the recent "<a href="http://www.huffingtonpost.com/2011/04/08/facebook-closing-accounts-scam-app_n_846737.html" target="_hplink">Facebook Shutdown</a>" scam spread by claiming that Facebook would delete all inactive accounts except those that confirmed via app installation.

  • The Koobface Worm

    The <a href="http://en.wikipedia.org/wiki/Koobface" target="_hplink">Koobface worm</a> is getting on in years (it first appeared in late 2008) and has been mostly scrubbed from the site, but Facebook still warns users to look out for it. Koobface spreads across social networks like Facebook via posts containing a link that claims to be an Adobe Flash Player update. Really, the link downloads malware that will infect your computer, hijack your Facebook profile and spam all your friends with its malicious download link. This worm affects mostly Windows users.

FOLLOW HUFFPOST TECH

LONDON -- A British student who stole sensitive information from Facebook's internal network was sentenced to eight months in prison Friday in what prosecutors described as the most serious case of so...
LONDON -- A British student who stole sensitive information from Facebook's internal network was sentenced to eight months in prison Friday in what prosecutors described as the most serious case of so...
Related News On Huffington Post:
 

Filed by Ramona Emerson  | 

More in Technology...


 
 
  • Comments
  • 71
  • Pending Comments
  • 0
  • View FAQ
Post Comment Preview Comment
To reply to a Comment: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to.
View All
Favorites
Recency  | 
Popularity
Page: 1 2  Next ›  Last »  (2 total)
photo
iamospeak
3 Fans
08:28 PM on 02/21/2012
Hahaha !! second time Facebook get hacked. this student is very talented and now days facebook has their security and privacy issues. more information on Facebook Hacked : http://bit.ly/ukfacebookhacker
Permalink  |
photo
HUFFPOST SUPER USER
georgecarlin76
115 Fans
01:37 AM on 02/21/2012
Shouldn't Facebook employees be in jail for selling the same information?
Permalink  |
photo
HUFFPOST SUPER USER
brutusmojo
live w/motherearthnot juston her
53 Fans
 
12:04 PM on 02/20/2012
He got off to easy.
Permalink  |
Unibrow
22 Fans
05:18 PM on 02/19/2012
I question whether or not hacking should be a crime, if you don't steal or damage anything. And if someone hacks into a government computer that is part of national security, that person should be handsomely rewarded for exposing the security weakness.
Permalink  |
photo
HUFFPOST SUPER USER
Dh Barr
Bringing Clues to the Clueless
83 Fans
05:30 PM on 02/19/2012
If somebody breaks into your house and wanders around looking at your stuff "but did not steal or damage anything" is that a crime?

Funny how it is always the hackers that get caught that are always "just looking around" and not out to "steal or damage anything". I suppose if he was just wandering around your house and found $10K in your sock drawer you would trust him to just leave it there.
Permalink  |
photo
HUFFPOST SUPER USER
georgecarlin76
115 Fans
01:39 AM on 02/21/2012
We need laws preventing telecoms and social media selling our comments, texts, GPS coordinates, wiretaps and ambient wiretaps to any government officials, law enforcement or corporate entity without a warrant.
Permalink  |
midtown
178 Fans
10:08 AM on 02/19/2012
Oh, so it doesn't work both ways?
Permalink  |
RealistBC
603 Fans
10:49 PM on 02/18/2012
And how long does he have to wait for Rupert Murdoch to join him for his hacking? Or do billionaires get a pass due to their wealth?
Permalink  |
photo
dwhuston
Mitt---"The great white hope"
3158 Fans
09:56 AM on 02/21/2012
Obviously billionaires bet a pass. Apple, Google and Facebook routinely steal your personal information and data, So what was your point.
Permalink  |
Harrier
44 Fans
09:15 PM on 02/18/2012
Look like he was screwed over
Permalink  |
This user has chosen to opt out of the Badges program
photo
Questioning Conventions
11 Fans
04:44 PM on 02/18/2012
it doesn't sound like he did anything wrong to me

he didn't attempt to sell any information or extort facebook
all he did was figure out their network infrastructure while consuming their product

It would be the same thing if someone were to figure out the recipe for coca cola by performing a bunch of tests on it.
Permalink  |
photo
trron9
46 Fans
02:18 PM on 02/18/2012
As a condition of Parole he'll go to work for Google! :)
Permalink  |
photo
HUFFPOST SUPER USER
jasonedward
All ways are my ways.
204 Fans
01:12 PM on 02/18/2012
"Stole" does more than imply that what he took from his victim they no longer possess. Rather, he "copied" the information. To steal it, he'd would have needed to have deleted the original files after copying.
Permalink  |
photo
HUFFPOST SUPER USER
SickHippie
No, YOUR micro-bio is empty.
683 Fans
 
12:38 AM on 02/19/2012
Yeah, technology is funny like that. Pirates don't steal anything either. Stealing removes the original, piracy makes a copy. Somehow to the corporate minds, the copying is worse and deserving of worse punishment.
Permalink  |
HUFFPOST SUPER USER
zooperman
207 Fans
10:18 AM on 02/18/2012
"... this was not just fiddling about in the business records of some tiny business of no great importance..."

I fail to see the difference. The business records of a small company are every bit important to that small business and its employees and customers as Facebook's.

There is ALWAYS a risk of security breach by insiders or someone who uses an insider's password info. A few months is not enough.
Permalink  |
photo
LJohns1216
Question Everything Republican
305 Fans
10:04 AM on 02/18/2012
OMG PRISON???

The world is a mess....And our country is the messiest.
Permalink  |
photo
HUFFPOST SUPER USER
YeWight
82 Fans
04:31 AM on 02/18/2012
Until we find out what exactly he stole, I'd like to offer a wild guess - perhaps he stole the information about algorithms facebook uses to steal you personal information and profit from it?
Permalink  |
photo
HUFFPOST SUPER USER
YeWight
82 Fans
04:47 AM on 02/18/2012
More insight about the nature of the crime here:
http://www.dailymail.co.uk/news/article-2102690/Glenn-Mangham-hacked-Facebook-student-bedroom-brought-31m-empire.html?ITO=1490
Permalink  |
photo
HUFFPOST SUPER USER
YeWight
82 Fans
04:29 AM on 02/18/2012
His Honor McCreath is a moral and mental midget, as per his own statement:
"This was not just a bit of harmless experimentation," McCreath told Mangham. "You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance."

So, big business is a huge deal, while "some tiny business" deserves no equal respect and treatment as a big one? I thought in the eye of law all people and their property should be equal?
Permalink  |
This user has chosen to opt out of the Badges program
photo
ZetaReticuli
60 Fans
03:13 AM on 02/18/2012
Financial hackers not in prison, eh?
Permalink  |
 
Page: 1 2  Next ›  Last »  (2 total)