Federal prosecutors said they made a mistake in getting a computer administrator convicted for exposing flaws in his employer’s computer system and asked an appeals court to reverse his conviction.

McDanel was convicted last year under the Computer Fraud and Abuse Act for sending over 5,000 e-mail messages to customers of his former employer, the defunct messaging provider Tornado Development Inc. of El Segundo.

McDanel was a systems administrator for Tornado and discovered a way to break into the computer’s security system and gain access to customer’s accounts. McDanel told his employers the system should be fixed, “but Tornado declined to do so,” Cheng said.

After leaving the company, McDanel “sent three e-mail attacks” to warn customers the company’s computer system was vulnerable to hackers. The e-mails caused the company’s system to crash and caused $5,000 in loss, Cheng said.

During his trial, prosecutors argued McDanel intentionally caused damage to Tornado’s computer server by overloading it with too many messages and impaired the system’s security by exposing its vulnerability to the public. A judge found him guilty of unauthorized access and sentenced him to 16 months in federal prison.

[ Read more ]