WASHINGTON (AP) - In the heat of a monthslong hacker investigation into an extraordinary break-in at a leading wireless carrier's network, an Internet informant approached the Secret Service with startling news: The targeted hackers were reading some of the agency's own e-mails and computer files.
The trove of illicit government data included a "highly sensitive" internal Secret Service memorandum and part of a mutual assistance legal treaty from Russia, according to court records. A hunted hacker turned his sights on his pursuers, targeting at one point the desktop computer of a Secret Service agent on his trail.
The break-in targeted the network of Bellevue, Wash.-based T-Mobile USA, which has 16.3 million customers nationwide. It was discovered during a broader Secret Service investigation, "Operation Firewall," which targeted underground hacker organizations known as Shadowcrew, Carderplanet and Darkprofits.
But in a twist, one of the government's investigators was also a T-Mobile customer and sometimes used the wireless network to communicate about the case, unaware it wasn't safe.
Nicolas Lee Jacobsen, 21, of Santa Ana, Calif., a computer engineer, has been charged with the T-Mobile break-in in U.S. District Court in Los Angeles. Investigators said they traced the hacker's online activities to a hotel near Buffalo, N.Y., where Jacobsen was staying.
Jacobsen, who was arrested in October in California, has been released on a $25,000 bond posted by his uncle, who was ordered to keep his own personal computer locked up so Jacobsen couldn't use it. A court hearing is set for Feb. 14.
T-Mobile acknowledged the hacker was able to view the names and Social Security numbers of 400 customers, all of whom it said were notified in writing about the break-in. It said customer credit card numbers and other financial information never were revealed.
"Safeguarding T-Mobile customer information is a top priority for the company," spokesman Peter Dobrow said. Dobrow said T-Mobile discovered a break-in late in 2003 and "immediately took steps that prevented any further access to this system." But another break-in _ believed to be connected to the first _ occurred in 2004, Dobrow said. The company still is investigating.
Court records said the hacker in the second break-in had access to T-Mobile customer information from at least March through October last year.
In March 2004, an informant reported to the Secret Service an online offer that court papers said was traced to Jacobsen. A hacker claimed he could look up the name, Social Security number, birth date and passwords for voice mails and e-mails for T-Mobile customers. Prosecutors contend Jacobsen was behind the offer, shielding his identity using aliases that included "Anyonman" and "Ethics."
The Secret Service said its agent, Peter Cavicchia, should not have been using his personal handheld computer for government work. Cavicchia, who has specialized in tracking hackers, was a T-Mobile customer who coincidentally was investigating the T-Mobile break-in, according to court papers and a Secret Service spokesman, Jonathan Cherry.
Cavicchia, who won the Secret Service's medal of valor for his actions in the Sept. 11, 2001, terror attacks, resigned to work in the private sector. He told The Associated Press he was not asked to leave and said he was cleared during an internal investigation into whether he had improperly revealed sensitive information or violated agency rules.
"Unfortunately, I was the victim of a crime," said Cavicchia, angry that his name appears in court papers in the case. "Over my career with the Secret Service, I continually made personal and family sacrifices to do my job above and beyond the call of duty. My reputation and record speaks for itself. It's unfortunate that the Secret Service didn't take more steps to protect me."
Cherry, the agency spokesman, said the Secret Service's own e-mail servers were not affected by the T-Mobile break-in.