27-year-old Anonymous member James Jeffery today admitted he hacked into the British Pregnancy Advisory Service (BPAS), Britain’s largest abortion provider. On Thursday, he defaced the website and stole around 10,000 database records containing the personal details (names, user names, e-mail addresses, and phone numbers) of women who had registered with the site. His motivation was a disagreement with his sister’s choice to abort her pregnancy.
As you can see in the screenshot above (courtesy of ZDNET UK), here is what Jeffery wrote on the BPAS website, below the Anonymous logo he placed there:
The same day, he boasted about his crime on Twitter, under the handle PabloEscobarSec:
At first, BPAS said it was confident that the women’s personal details would not be leaked. Later, the organization confirmed the hack.
“The website of the British Pregnancy Advisory Service (bpas) was hacked into and defaced for a period on 8th March, 2012 in what appeared to be a sophisticated cyber attack by an anti-abortion extremist,” a BPAS spokesperson said in a statement. “Around 26,000 attempts to break into our website were made over a six hour period, but the hacker was unable to access any medical or personal information regarding women who had received treatment at bpas. The website does store details (names, addresses and phone numbers) of people who have requested information from bpas via the website, including those making personal inquiries as well as health and education professionals, the media and students. These may have been inquiries relating to contraception, pregnancy, abortion, STI testing and sterilisation. All relevant authorities have been informed and appropriate legal action taken to prevent the dissemination of any information obtained from the website.”
Jeffery never got a chance to release the records he stole from BPAS. On Friday, he was arrested by the Police Central e-crime Unit (PCeU) in his home. On Saturday (today), Jeffery admitted to two offences under the Computer Misuse Act. While working with Anonymous, he has also hacked other websites in the past, including those of the FBI, the CIA, West Midlands police, the Houses of Parliament, the US navy, Arizona police, and Spanish police. In this case though, Jeffery appears to have worked alone, despite the fact he posted the Anonymous logo on the BPAS website.
No medical information about BPAS’ clients was compromised. Instead, Jeffery seems to have obtained personal information of women who visited the site. “We have taken rapid action to identify and arrest a suspect involved in hacking,” PCeU detective inspector Mark Raymond said in a statement. “This was done to prevent personal details of people who had requested information from the BPAS website being made public. It should be stressed that the stolen data did not contain the medical details of women who had received treatment or why individuals had contacted the British Pregnancy Advisory Service.”
BPAS, which sees about 55,000 women a year in its 40 clinics and other centers across the U.K., provides females with information and a forum to enquire about abortion, contraception, sexually-transmitted infection testing, sterilisation, and other fertility-related matters. The organization’s stated purpose is to support “reproductive choice by advocating and providing high quality, affordable services to prevent or end unwanted pregnancies with contraception or by abortion.”
Jeferry will be sentenced at a later date.
See also:
Anonymous hacks Vatican websiteAnonymous hacks Panda Security in response to LulzSec arrestsLulzSec mastermind helps FBI arrest notorious hacktivistsAnonymous tricked into installing TrojanAnonymous reacts to Symantec Trojan reportNASA: Hackers had ‘full functional control’
