Netcom Announcement Regarding the Arrest of Kevin Mitnick
From: CEO Bob Rieger <email@example.com>
Subject: Letter from NETCOM CEO Bob Rieger to customers
Organization: NETCOM On-line Communication Services, Inc.
X-Newsreader: TIN [version 1.2 PL1]
Date: Fri, 17 Feb 1995 07:27:19 GMT
Xref: ix.netcom.com netcom.announce:201 netcom.general:50516 netcom.netcruiser.announce:11
NETCOM HELPS PROTECT THE INTERNET
- A Letter from CEO Bob Rieger to Our Customers -
I know many of you are interested in NETCOM's involvement with the
of Kevin Mitnick, and how this may impact you, if at all, as a
subscriber. First, let me supply a chronology of events:
1. In a routine security check, NETCOM discovered a misappropriated
As a result, we began an investigation to trace what appeared to
2. At about the same time, the WELL (a small Sausalito-based on-line
provider) was investigating an account with an unexpectedly large
of disk usage. In the course of this investigation, they discovered
suspicious material which included items believed illicitly obtained
well-known network security expert Tsutomu Shimomura's computer.
Mr. Shimomura performed network monitoring at the WELL, and determined
the account was being accessed from a number of sites, including
3. The WELL contacted NETCOM for assistance in tracking the source
4. A day or two later, the FBI contacted NETCOM and requested NETCOM's
active involvement in the broadening investigation of the suspicious
activities at the WELL.
5. NETCOM caucused with representatives of the WELL, the FBI, the
Attorney's Office, Mr. Shimomura, and Julia Menapace (an independent
computer consultant and associate of Mr. Shimomura).
6. Following the conversation, it was decided that the best vantage
for further tracking of these activities was NETCOM's Network Operations
7. NETCOM operations staff joined their efforts with Mr. Shimomura
his associates to trace the suspect intrusions to a particular
modem in NETCOM's Raleigh, N.C. site.
8. At that point, the U.S. Justice Department subpoenaed the local
telephone carrier for records of dial-ins at specific times to
modem. It became apparent that the telephone company's switch equipment
had been compromised, so that these records could not be obtained.
However, the Justice Department found another method for making
9. With this information, the Justice Department knew the approximate
location of the originating call.
10. Mr. Shimomura flew to Raleigh and used cellular tracking equipment
locate the apartment building the calls were coming from. Eventually,
calls were traced to an individual apartment, and Mr. Mitnick was
I hope this detailed recounting helps explain the necessity for
and discretion on NETCOM's part while the investigation was ongoing.
Similarly, we need to be appropriately discrete during the
continuing investigation of Mr. Mitnick's alleged illegal activities.
While respecting these legitimate restraints, we will provide
as much information as possible on a timely basis to you. (As an
you may have noticed that I recently promoted Mr. Kael Loftus to
position of Customer Liaison. Mr. Loftus has already proven
helpful in facilitating communication between our customers and
There has been some concern expressed about the security of NETCOM
customers' credit card numbers. While this incident may have involved
duplication of some credit card numbers, this would apply only
shell accounts. NETCOM has always made system security its top
but every UNIX system has loopholes that can potentially be exploited
an expert cracker. However, to provide additional security for
accounts, we have further isolated these customers' billing information,
including credit card data. This is why the "ccupdate" feature
UNIX shell accounts has been disabled, and why the "quota" program
currently says,"Your account balance is temporarily unavailable."
features will be reinstated when we are able to do so in a secure
As a practical matter, at this time we have absolutely no indication
any of our UNIX shell customers' credit card numbers have been
Naturally, we encourage all customers to check their credit card
statements carefully. If there is any hint of inappropriate billing,
should be brought to the immediate attention of the credit card
for reversal of those charges.
The incident did not involve NetCruiser accounts, which make up
majority of NETCOM accounts. Fortunately, the security firewalls
to NetCruiser's system architecture makes such a compromise far
The big story in all of this is that the Internet is maturing into
extraordinarily efficient means of communication that millions
use and depend on daily. NETCOM will do everything in its power
assure the security of our network. We will spend the money and
the technology, but deterrence is our real goal.
Common thieves should know that NETCOM will be ever vigilant in
their identification and prosecution.
"THOSE WHO WOULD LEAD MUST SEEK TO SERVE."
Kael Loftus, Customer Liaison
NETCOM On-line Communications, Inc.
24-hour Tech Support: 408-983-5970
Return to TAKEDOWN
Return to Books that Stack
Return to NoobowSystems Lab. Home
Nov. 27, 2000 Page Created.
Aug. 17, 2002 Reformatted.