Mitnick was first arrested around 1988. He was held for 8 months of his sentence in solitary confinement. The authorities might have been worried that Wargames was real, and that Mitnick could start a nuclear war from a payphone.
On his release, Mitnick vowed to stay away from computers, but was tempted back into hacking by a friend who apparently set him up. Though he had completed his parole time, he was accused of breaking the conditions of that parole. Mitnick went on the run after it was announced that the FBI wanted to question him regarding the terms of his parole. Mitnick has stated that he did this because he couldn't face another 8 months in solitary.
In 1995 he was arrested again. He wasn't sentenced until August 9, 1999. The authorities appeared keen to use Mitnick as an example for others, giving him a harsh sentence and rough treatment in the hope that this would deter others from performing similar crimes. He was placed in solitary confinement again. Though the companies Kevin infiltrated were claiming damages in excess of $80 million, none of those companies reported any such losses in their financial information, which they are required to do, by law. Some believe that the companies were alleging ficticious losses in order to exaggerate the Dangerous nature of Kevin Mitnick. On the other hand, mission-critical systems that have been compromised need to be completely audited just on the off-chance that a virus or backdoor was inserted, or data was altered/corrupted, and this process can cost companies countless millions in potential earnings (as opposed to direct losses), though the companies in question should still have reported these costs.
It was also reported that Mitnick was in posession of over 20,000 credit card numbers at the time of his arrest. These were from a file unwittingly made available over the internet by NETCOM. One [hacker] later said :"That file was being passed around hacker groups like bubblegum cards. If you didn't have it, you were a loser..." The New York Times, whose reporter John Markoff broke the story, did mention that there was no evidence that Mitnick had used, or intended to use those numbers, but this was 19 paragraphs after the first mention of the CC numbers. Markoff has since revealed to a documentary team, that the authorities had evidence that a number of those card numbers were used after Mitnick had been arrested. When later questioned as to why he did not report this fact, Markoff said; "What relevance could that have to the story?".
His post-release conditions finally ended in 2003. Mitnick now runs a company called Defensive Thinking which offers advice and training to companies looking to protect themselves, primarily against social engineering exploits. The Kevin Mitnick pages have more information.
Charges Mitnick has been reported to have faced
- stealing corporate secrets
- scrambling phone networks
- entering national defense warning systems
- wire fraud
- illegal possession of computer files.
- breaking into NORAD machines
- harassing and stalking Kristy McNichol
- turning friend's phones into payphones
Charges Mitnick actually faced
- 2 Counts of computer crime
- 1 count for using MCI long distance without charge/having posession of MCI access codes
- 1 count for stealing the Security Software System
- 2 Counts of computer crime
- "I have gained unauthorized access to computer systems at some of the largest corporations on the planet, and have successfully penetrated some of the most resilient computer systems ever developed. I have used both technical and non-technical means to obtain the source code to various operating systems and telecommunications devices to study their vulnerabilities and their inner workings."
- "I've acknowledged since my arrest that the actions I took were illegal, and that I committed invasions of privacy."