Case Study: UK Facebook Account Hacker Hit With A 12-Month Prison Sentence
In January 2011, in West Sussex, there was a serious breach of privacy for an unfortunate Facebook user. The crime was a breach of the Computer Misuse Act 1990 and had severe consequences for both the individual whose privacy was intruded upon as well as the hacker, who was charged with an entire year in prison. But what is the Computer Misuse Act 1990, what part of it did the hacker breach and why is a hacked Facebook account so serious? This blog post will help you to understand this crime and the implications it has for cybersecurity.
What exactly was the crime?
The crime, committed by the 21-year-old hacker Gareth Cross, was gaining unauthorised access to a private Facebook account. The owner of the account could not be revealed; this is to maintain the integrity of the case, as well as protect the owner of the account from another breach. The hacker also gained access to the private email function of the owner’s Facebook account. This means that other people’s personal information, that they had provided over email, was also accessed as well as the private data of the account owner.
What is the Computer Misuse Act 1990 and what parts of it did the hacker breach?
The Computer Misuse Act 1990 is a piece of legislation that allows law enforcement to prosecute people who access or modify data stored on a computer without the appropriate consent or permission. The act was drafted after two hackers used shoulder surfing (a threat which is addressed in our Cyber Crisis board game, which can be purchased on this website) to hack Prince Philip’s email account. When Gareth Cross hacked into the private Facebook account, he violated sections 1 and 3 of the Computer Misuse Act, due to him intentionally gaining access to someone else’s account with the goal of disrupting the service of Facebook for that user.
Why does this crime have serious implications?
The hacking of a private Facebook account is very serious for the future of cybersecurity. This is because Facebook is a large and very powerful company, so the fact that their systems were intruded on is concerning for all companies with a digital element, of which the number is growing rapidly. Additionally, customers not being able to trust the security of your service can lead to a decrease in demand for that service; this can be damaging to the company’s reputation and could even lead to a large loss in profits.
If you would like to learn more about how to protect yourself and your data online, please take a look at our online games, blog posts, or you can purchase our board game Cyber Crisis, which seeks to educate people about online threats and how you can protect yourself against them.