I’m learning this a little late, but according to a complaint filed by AOL in NY City, AOL was repeatedly hacked by 17 year old Mike Nieves between December 24, 2006 and April 7, 2007. According to AOL, he has:
…committed offenses like computer tampering, computer trespass, and criminal possession of computer material. Among his alleged exploits:
- Accessing systems containing customer billing records, addresses, and credit card information
- Infecting machines at an AOL customer support call center in New Delhi, India, with a program to funnel information back to his PC
- Logging in without permission into 49 AIM instant message accounts of AOL customer support employees
- Attempting to break into an AOL customer support system containing sensitive customer information
- Engaging in a phishing attack against AOL staffers through which he gained access to more than 60 accounts from AOL employees and subcontractors
As a former paying customer of AOL (and a current member for research purposes, with a false name/address) my information might have been stolen, too, though I have no idea how many years back the stolen records extend to. I guarantee, though, if there’s a class-action coming out of this, I’m joining it.