Computer Crime Research Center


Voicemail hacking

Date: January 21, 2006
By: Paul Brislen and Juha Saarinen

Sahil Gupta, the second man charged over the Telecom voicemail hacking incident in April, walked free from an Auckland court last week.

Gupta was charged along with a teenager who cannot be identified for legal reasons. The teen was charged with unauthorised access of a computer system and pleaded guilty. Gupta was charged under the same section of the Crimes Act and faced up to two years in prison.

However two justices of the peace discharged Gupta saying there was no case to answer after a hearing in the Auckland District Court on Wednesday.

Justices Riley and Walker heard evidence from the teenager who was questioned at some length by Crown lawyer David Johnstone. Johnstone was unable to establish Gupta’s involvement in the crime to his satisfaction and eventually admitted defeat. He halted his line of questioning and suggested to the justices that if they were to say Gupta had no case to answer he wasn’t in a position to argue.
After a brief deliberation the two JPs did just that and Gupta walked free.

Gupta wouldn’t comment to waiting media but his lawyer, Gordon Malenga, says his client is very happy with the outcome.

“Essentially it came out, as we’ve said all along, that it was [the teen’s] idea and while the two of them may have joked about it while it was happening, my client certainly wasn’t involved to any great degree.”

The hacking of Telecom’s mobile voicemail service came about almost by accident. The teen had worked out how to change the caller ID on his phone so he could ring friends pretending to be someone else “for a bit of a laugh”.

However, when he rang a phone owned by Web Guru Global he used that phone’s number as his own and was immediately able to access the voicemail service. Realising he had stumbled on to a way to listen to voicemail messages, he began searching online for phone numbers to call.

Eventually he accessed voicemail belonging to Telecom employees, police and Auckland mayor Dick Hubbard.

Gupta started ISP Net4U in Hamilton 2000 when he was just 15 and was hailed as a young internet entrepeneur. However, he quickly became embroiled in controversy, when an ex-employee emailed to reporters a recording of a telephone call in which Gupta boasted of stealing bandwidth from Auckland ISP Attica, which is now defunct.

Six months later fresh controversy erupted for Gupta when a database of Net4U customers, complete with credit card and telephone numbers, was posted on the web.
Net4U was placed in liquidation in 2004, owing hundreds of thousands of dollars in unpaid bills to its suppliers.

Telecom now tells its mobile customers to switch on the PIN number for voicemail services. The teen’s hack only worked because Telecom’s mobile phones are shipped with the PIN number security switched off. Customers are able to access their own voicemail directly from their cellphones by dialling 083210. The system then recognises their cellphone number and allows them access to the voicemail.

Installing the PIN means customers are forced to enter the PIN every time they access their voicemail.

Vodafone customers were not affected by the security breach.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo