Trying to hack ethically into Facebook without any proper documentation can land you behind the bars. That is what happened to 26-year old Glenn Steven Mangham.
Glenn, a software development student in the UK, has been jailed for eight months for hacking into Facebook from his bedroom at his parents’ house in York in northern England.
Glenn was found guilty and admitted to infiltrating Facebook in May last year. According to Alison Saunders, London’s Chief Prosecutor, the incident was the most expensive one, where Facebook had to spend $200,000 (£126,400) dealing with crime. It is being termed as a “concerted, time-consuming and costly investigation.”
When Facebook learnt that someone was trying to hack the site, they alerted the FBI, who then took over and traced the roots all the way back to the UK. He found his way in by hacking into the account of a Facebook employee.
Glenn defended himself to the Southwark Crow Court by stating “It was to identify vulnerabilities in the system so I could compile a report that I could then bundle over to Facebook and show them what was wrong with their system.”
Facebook introduced the Bug Bounty Program in an aim to encourage security researchers to report loopholes and glitches on the social networking site, and as a token of appreciation, Facebook offered them a monetary bounty of $500.
Since Facebook pays ethical hackers for disclosing vulnerabilities, Glenn states that his intentions were not wrong, but were to help the social networking giant find a solution. However, the judge decided that this was not Glenn’s intention at the time.
Glenn has earlier helped search engine site Yahoo to improve its security by hacking into the Yahoo’s system and reporting the same to the authorities. He wanted to do the same for Facebook, but was probably out of luck this time.
The judge stated “You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance”. He also noted that Glenn had risked “putting in danger the reputation of an innocent employee of Facebook”.
The student was also given a serious crime prevention order restricting his access to the internet and confiscating his computer equipment.
We really don’t know if Glenn was telling the truth, but lack of evidence did land him in trouble. So, if you’re an ethical hacker or working for any bounty program, then make sure you have everything documented accordingly. It can definitely save you from trouble or landing behind the bars.