AOL Hacked

I’m learning this a little late, but according to a complaint filed by AOL in NY City, AOL was repeatedly hacked by 17 year old Mike Nieves between December 24, 2006 and April 7, 2007. According to AOL, he has:

…committed offenses like computer tampering, computer trespass, and criminal possession of computer material. Among his alleged exploits:

  • Accessing systems containing customer billing records, addresses, and credit card information
  • Infecting machines at an AOL customer support call center in New Delhi, India, with a program to funnel information back to his PC
  • Logging in without permission into 49 AIM instant message accounts of AOL customer support employees
  • Attempting to break into an AOL customer support system containing sensitive customer information
  • Engaging in a phishing attack against AOL staffers through which he gained access to more than 60 accounts from AOL employees and subcontractors

(quote courtesy of InfoWorld)

As a former paying customer of AOL (and a current member for research purposes, with a false name/address) my information might have been stolen, too, though I have no idea how many years back the stolen records extend to. I guarantee, though, if there’s a class-action coming out of this, I’m joining it.

How safe can you feel using AOL now? Between this, the subscriber search records released online, and the fact that AOL’s site is being used by phishers, no one should feel safe using AOL at all.