Adrian Lamo, known as the "homeless" hacker, built a reputation for hacking into the networks of some of America's largest companies and then offering to help, for free, fix the security vulnerabilities that made his incursions possible.
Lamo was indicted for breaking into computer systems at The New York Times. In January, he pleaded guilty to those charges. On Thursday, a federal judge sentenced him to two years probation, with six months to be served in home detention, says Lamo's federal public defender, Sean Hecker.
Lamo will also have to pay $65,000 in restitution, Hecker says.
In earlier interviews, Lamo said his hacking days were over.
Lamo allegedly broke into computer systems at [email protected], Yahoo, Microsoft, MCI-WorldCom, and SBC Ameritech. Some of the companies Lamo hacked into, including WorldCom, thanked him for finding and helping to fix the security holes he uncovered. In each case, after Lamo helped the company fix its security hole, Lamo would call a news reporter to make his penetration public.
That changed after Lamo breached the network of The New York Times in early 2001. In January of this year, Lamo pleaded guilty before U.S. District Judge Naomi Reice Buchwald to unauthorized access of the private network of the Times, where he added his name and contact information to the paper's op-ed database. In pleading guilty, he agreed that his actions caused losses in the range of $30,000 to $70,000. The losses include costs of intrusions into the Times, as well as use of the LexisNexis database and for alleged access to a Microsoft database in October 2001.
Under the terms of Lamo's plea agreement with prosecutors, he could have faced six months to a year in prison. In court in January, Lamo read a statement in which he admitted guilt and said, "I know that I crossed a line that should not be crossed and I'm genuinely remorseful."