Last year a 20-year-old ethical hacker had been arrested by the Hungarian police for exploiting serious vulnerabilities in Magyar Telekom which is the largest telecommunication company in the country. The hacker is subjected to face up to 8 years in prison.
The Hungarian media states that the hacker discovered a severe flaw in the Telekom last April and had reported it to the company and was then invited by them for a meeting. He went to Budapest for the meeting and the company refused to let him test their systems further. But the hacker continues to examine the website and found another severe flaw in May and this vulnerability could permit an attacker to access the public and retail mobile and data traffic, and monitor company’s servers.
When the Telekom detected the intrusion in their internal network, they had reported it to the police. The hacker is on trial now. The Hungarian Prosecution Service is soliciting for a prison sentence, while the Hungarian Civil Liberties Union, a non-profit human rights watchdog, is defending the hacker.
According to the reports from the Prosecutor’s Office the defendant seemed to have crossed the line and his actions may invite danger to society and so he must face legal consequences.
The Prosecutor’s Office also offered the man a plea bargain to admit his guilt so that he would be given a 2-year suspended or else he would have to serve five years in jail.
But the hacker refused the plea deal and is now been charged with an upgraded crime in the indictment which is disrupting the operation of a “public utility,” and this might lead him to be put behind the bars for up to 8 years, if proven guilty.
It is illegal to test a company’s website for vulnerability without their permission and also to disclose a vulnerability publicly. This is a serious issue and could sometimes backfire even if you have good intentions.