BBC Homepage World Service Education
BBC Homepagelow graphics version | feedback | help
BBC News Online
 You are in: UK: Wales
Front Page 
Northern Ireland 
UK Politics 
Talking Point 
In Depth 

The BBC's Rory Cellan Jones
"The battle between companies and hackers carries on every day"
 real 56k

Computer hacker Raphael Gray
"No site can be one hundred percent secure"
 real 28k

Michael Vatis, FBI
"Society in general views [hackers] as criminals"
 real 28k

BBC Wales's Rebecca John
"The judge said he acted naively"
 real 56k

BBC Wales's Ashley Crowter looks at the crime
"Was he a misguided teenager or a serious fraudster?"
 real 56k

Raphael Gray talks to BBC Wales's Jamie Owen
"I'm looking to settle down with a computer company"
 real 56k

Friday, 6 July, 2001, 10:54 GMT 11:54 UK
Teen hacker escapes jail sentence
Raphael Gray admitted breaking into retail web sites
A computer student who sparked an international investigation after he hacked into high-profile websites has been sentenced to psychiatric care.

Raphael Gray, 19, from west Wales, caused mayhem by accessing the details of 23,000 internet shoppers in five countries and posting some of them onto websites.

A judge at Swansea Crown Court said he had displayed a "sense of humour" by sending Viagra tablets to Microsoft boss Bill Gates using a stolen number and publishing what he said was the billionaire's own number.

I would do it all again but another time I would choose to ensure that I acted legally

Hacker Raphael Gray
But Judge Gareth Davies said that many people had suffered as a result of his actions.

"You caused great expense and inconvenience - running into hundreds of thousands of pounds.

"It is fortunate no-one took advantage of the information you put on the net.

"Your motivation was also to boost your self esteem and maybe you were being naive rather than malicious."

credit cards
The crimes could have cost 3m
He made an order that Gray should undergo three years of psychiatric treatment after hearing evidence that he was suffering from a mental condition which needed medical treatment rather than incarceration.

Smiling after the trial, Gray, said he did not regret what he had done, but the way he had done it.

He claimed the scam was to expose security weaknesses in internet shopping.

"I would do it all again but another time I would choose to ensure that I acted legally," he said.

I would have liked to see him go to prison. We need to give a very strong message to those people thinking about doing these sort of hacking offences

Neil Barrett Information Risk Management
But an internet security firm that provided expert testimony for the prosecution criticised the sentence, saying it was not tough enough to deter other hackers from committing crimes.

"The crime is tantamount to stealing lots and lots of credit cards out of people's pockets," said Neil Barrett, technical director of Information Risk Management.

"Frankly, I would have liked to see him go to prison. We need to give a very strong message to those people thinking about doing these sort of hacking offences."

Lengthy investigation

Gray from Clynderwen, Pembrokeshire, admitted gaining unauthorised entry to computer systems around the world as part of a multi-million pound credit card mission.

The teenager was sentenced to a three-year community rehabilitation order with psychiatric care.

His activities brought FBI agents and Canadian Mounties to the tiny west Wales village to make an arrest after a lengthy investigation.

Using an 800 computer he bought from Dixons, Gray hacked in to the ordering functions of top international retail sites in the UK, US, Canada and Thailand over six weeks between January and February 1999.

The self-styled "Saint of e-commerce" set about publishing details of 6,500 cards on two of his own websites - where he used the information as an example of weak security in the growing number of consumer websites.

The FBI estimated the scam could cost the credit card industry $3m
Working with an unnamed accomplice who was later eliminated from inquiries, he wrote on one site: "Maybe one day people will set up their sites properly before they start trading because otherwise this won't be the last page I post to the net."

The teenager included on his sites details of his infamous database cracks in a "hall of shame," boasting law enforcers would never find him "because they never catch anyone. The police can't hack their way out of a paper bag."

The computer studies student was at the keyboard when the FBI agents and officers from Dyfed Powys Police turned up at the door of his home, which he shared with his mother and two sisters, last March.

During their investigations, the FBI said closing the hacked accounts and re-issuing new cards could cost the credit card industry $3m.

Search BBC News Online

Advanced search options
Launch console
See also:

27 Jan 00 | Asia-Pacific
More hacking on goverment websites
11 Feb 00 | UK
A - Z: Hack attack
06 Sep 99 | e-cyclopedia
Cracking: Hackers turn nasty
Internet links:

The BBC is not responsible for the content of external internet sites

Links to more Wales stories are at the foot of the page.

E-mail this story to a friend

Links to more Wales stories