Student jailed for hacking Facebook

Would-be ethical hacker jailed.
A British student has been jailed for eight months for hacking Facebook despite claiming that he intended to help the social network improve its security.

Glenn Mangham, 26, hacked the social media website last year from his parent’s basement, The Guardian reported.

Prosecutor Sandip Patel said Mangham stole “invaluable” intellectual property after hacking the account of a Facebook employee who was on holiday.

Mangham, a software development student, said he intended to demonstrate the hack to Facebook to help it improve security.

“It was to identify vulnerabilities in the system so I could compile a report that I could then bundle over to Facebook and show them what was wrong with their system," Mangham told the court.

Between April and May last year, the court heard Mangham hacked a Facebook puzzle server used by programmers, and a mailman server used to handle email distribution lists.

Prosecutors said he also crafted and offered to distribute a script used to hack the Phabricator server which housed application development tools.

Patel said Mangham downloaded internal Facebook data to an external hard drive.

Scotland Yard raided Mangham's home on June 2 last year in what was described as a "concerted, time-consuming and costly investigation".

Mangham first appeared in court in August 2011.

Patel said Mangham “acted with determination and undoubted ingenuity”, describing the hack as “sophisticated” and “calculating”.

“This represents the most extensive and grave incident of social media hacking to be brought before the British courts," he said.

Mangham’s defence said he was an ethical hacker who saw the hack as a “challenge”.

"It was common currency within the community of computer nerds or geeks, if I may refer to him as that, where there was this interesting relationship between companies and people who ethically point out vulnerabilities," defence lawyers argued.

Facebook operates a bug bounty program in which it pays ethical hackers up to $US500 ($A467) for quietly disclosing vulnerabilities.

The Guardian reported Mangham had previously shown Yahoo how to improve the security of its search engine.

Judge McCreath said he considered that Mangham had not previously been in trouble and his "psychological and personal make-up".

"But this was not just a bit of harmless experimentation," McCreath said.

"You accessed the very heart of the system of an international business of massive size, so this was not just fiddling about in the business records of some tiny business of no great importance."