ANALYZING EVIDENCE
Processing case files...
Processing case files...

Notorious 1990s Computer Hacker
CLASSIFICATION: Financial Crime
LOCATION
Raleigh, North Carolina
TIME PERIOD
1979–2003 (legal timeline); arrested 1995
VICTIMS
24 confirmed
Multiple unauthorized intrusions into corporate and telecommunications computer systems were carried out beginning in 1979 and culminating in a high-profile pursuit and arrest in 1995 in Raleigh, North Carolina. The suspect, Kevin Mitnick, was charged with wire fraud, possession of unauthorized access devices, interception of communications and related computer crimes, pleaded guilty in 1999, and was sentenced to federal prison. Evidence seized at arrest included cloned cell phones, numerous cloned cellular codes, and false identifications; the plea and sentence resolved the federal case and he was released in January 2000. After release he worked as a security consultant and remained a controversial figure until his death in 2023.
Some believe Mitnick was the victim of an overzealous, media-driven prosecution — supporters argue authorities exaggerated his technical capabilities (the infamous “whistle into a pay phone to start a nuclear war” claim) and coerced a guilty plea while denying normal bail and communications, prompting the "Free Kevin" movement. Investigators and critics have speculated that private corporations and a high-profile collaborator helped shape and amplify the case, with allegations that firms were coached to inflate damage estimates and that journalists and a cooperating technologist profited from the mythology through books and film opportunities. These debates center on disputed responsibility for alleged losses, possible coordination between law enforcement and industry, and whether Mitnick’s punishment was disproportionate to actual harm.
At 1:30 on a February morning in 1995, federal agents and members of the Raleigh–Durham Fugitive Task Force closed in on a modest apartment in Raleigh, North Carolina. [1]
Inside, they arrested a 31‑year‑old they described as one of the country’s best‑known computer intruders: Kevin Mitnick, a federal fugitive wanted for violating probation and allegedly ransacking corporate and communications systems across three states. [1]
The arrest capped a two‑week electronic manhunt that had bounced through phone switches, cloned cellular signals, and compromised computers before tracing back to this apartment in the Research Triangle. [1][2]
By dawn, the Justice Department was publicly calling Mitnick a well‑known hacker whose recent electronic attacks had allegedly damaged systems and stolen proprietary information from targets in California, Colorado, and North Carolina. [1]
The episode would turn “Kevin Mitnick” into a cultural shorthand for computer crime—and ignite a years‑long argument over where mischief ended and serious digital sabotage began. [2][3]
Mitnick’s story began far from North Carolina. He was born in Van Nuys, in Los Angeles’ San Fernando Valley, and grew up in nearby Panorama City after his parents, Shelly Jaffee and Alan Mitnick, divorced when he was three. [2][3] His mother, a waitress, worked long hours; he rarely saw his father. [3]
By his teens he had already discovered how systems—of any kind—could be bent. At 12, he figured out how to ride Los Angeles buses free: with a helpful driver’s ticket punch and unused transfer slips salvaged from a dumpster. [2]
Computers arrived next. At Monroe High School in North Hills, he used a classroom machine to reach into the Los Angeles Unified School District’s computers. [2][3] Among friends in the hacker world he went by “The Condor,” a handle lifted from the film Three Days of the Condor. [2][3]
According to later reporting, after cracking the school district systems he went further, invading a North American Air Defense Command (NORAD) computer as a prank, several years before WarGames made that scenario famous in theaters. [3] When WarGames finally came out in 1983, he took a friend to see it and criticized the movie for its flaws. [3]
By 17, Mitnick had already been arrested once for hacking. [3] A year later, in 1981, he was placed on probation as a juvenile offender for stealing computer manuals from Pacific Bell; a former friend turned him in for the theft. [3] In 1982 he violated that probation by breaking into computers at the University of Southern California and spent six months confined in a juvenile facility. [3]
These early cases sketched a pattern that officials would later describe as compulsion. [3] To some of his friends, though, it still looked like elaborate, victimless pranks. [3]
By the late 1980s, Mitnick’s intrusions had moved from school networks to large corporations. Federal authorities in Los Angeles convicted him in 1988 for stealing computer programs and breaking into corporate networks, and he received a one‑year sentence. [1]
Contemporary accounts added more detail: he was reported to have infiltrated MCI telephone computers, accessed long‑distance codes, and been convicted of causing $4 million in damage to Digital Equipment Corporation, although descriptions of that case vary between official summaries and news reporting. [1][3]
A federal judge not only sentenced him to prison but also labeled the hacking an addiction, barred him from using a telephone—described as a dangerous weapon in his hands—and ordered him into therapy. [3]
Another account of that era notes that after a 1989 guilty plea on computer‑related charges, Mitnick served eight months in solitary confinement because the judge feared he would be a threat to national security if given access to a phone. [4] Periodicals later repeated a story that he was thought capable of launching nuclear missiles by whistling into a telephone, a claim that took on a life of its own. [4]
However the exact contours of that first case are drawn, the outcome was clear: by the late 1980s, Mitnick was a convicted federal hacker with a court record that already treated his access to networks and phone systems as uniquely dangerous. [1][2]
After serving his prison time, Mitnick was placed on supervised release. [2] Near the end of that period, he hacked into Pacific Bell voicemail computers, violating the terms of his supervision. [2] A federal warrant followed. [1]
According to the Justice Department and later summaries, he fled and spent roughly two and a half years as a fugitive. [2] A Los Angeles Times account described him as having been on the run for two years when he was finally captured. [3] Linux Journal reported that he disappeared on Christmas Eve of 1992 to avoid further questioning about alleged exploits, a timeline that fits the fugitive period federal authorities cited. [2][4]
While he was underground, the government would later allege, Mitnick gained unauthorized access to dozens of computer networks, used cloned cellular phones to hide his location, and copied proprietary software from some of the country’s largest cellular telephone and computer companies. [2] Prosecutors said he electronically attacked numerous corporate and communications carriers in California, Colorado, and North Carolina, causing damage and stealing proprietary information. [1]
One widely circulated profile claimed he intercepted passwords, altered computer networks, and read private emails. [2] According to the Los Angeles Times, he was also said to have disconnected a probation officer’s phone, altered credit reports and other records of people who had investigated or angered him, and been suspected of invading the email of a New York Times reporter who had written extensively about him. [3]
Those allegations painted him as vindictive and retaliatory. Friends and relatives pushed back, insisting he never personally profited from his hacking. [3] The divide over whether he was a saboteur or an obsessive prankster would only widen once he was caught. [3]
The turning point in the manhunt came not from a phone company or a federal lab but from the computer of a private security researcher.
On Christmas Day, according to the Los Angeles Times, Mitnick traversed the internet and broke into a system run by Tsutomu Shimomura, a senior fellow at the San Diego Supercomputer Center (SDSC), stealing sensitive security files. [1][3] Shimomura later posted technical details of the break‑in online. [3]
In the Times’ account, Mitnick taunted him afterward, leaving a series of voicemail messages including one that warned, “My technique is the best. My style is much better. Don't you know who I am? Me and my friends, we'll kill you.” [3]
Shimomura did not leave it to the FBI. He joined the hunt, tracing a trail from Mitnick’s use of cloned cellular phones. [3] According to the Justice Department, Shimomura and SDSC provided significant technical assistance to law enforcement during the investigation, as did the Justice Department’s own Computer Crime Unit in Washington, D.C. [1]
The case quickly became more than a standard fugitive chase. Federal officials coordinated FBI offices and U.S. Attorneys’ Offices in Raleigh and Greensboro, North Carolina; San Diego, Los Angeles, and San Francisco, California; and Denver, Colorado, working through the FBI’s National Computer Crime Squad. [1] System administrators and security staff from the companies allegedly attacked were drawn into the effort. [1]
In the public imagination, it was framed as a duel between two hackers: the renegade intruder and the security expert tracking him across the network. [2][3]
By early 1995, federal agents believed they were close. For two weeks, according to the Justice Department, they conducted an intensive electronic manhunt that ultimately pointed toward an apartment in Raleigh. [1][2]
On February 15, 1995—a Wednesday—the FBI and the Raleigh–Durham Fugitive Task Force moved in. [1][3] Members of the task force included the U.S. Marshals Service, the North Carolina State Bureau of Investigation, and local sheriffs’ offices. [1]
The arrest came at 1:30 a.m. at Mitnick’s apartment. [1][2] The Justice Department’s press release that day called him a “well‑known computer hacker” and “federal fugitive” wanted for violating probation, and noted that he was 31 years old. [1]
According to later descriptions, agents found cloned cellular phones, more than 100 cloned cellular phone codes, and multiple pieces of false identification in the apartment. [2] The operation ended a long, secretive chase and opened a very public fight over what would happen to the man now being described as a kind of “Public Enemy No. 1 in cyberspace.” [3]
Within days, he appeared in shackles in a federal courtroom in Raleigh. [3] Observers noted that he looked thinner than in the widely circulated wanted photo—his long hair pulled back in a ponytail, jogging suit and expensive sneakers on his feet, wire‑rimmed glasses on his face. [3]
From the moment of his arrest, Mitnick became a kind of Rorschach test for the digital age. The Los Angeles Times framed the debate bluntly in a feature headlined “‘Condor’ Myth Loop of Contradictions: To some, Kevin Mitnick is an electronic terrorist. Others say he's a prankster.” [3]
Law enforcement tended toward the first view. In that Times piece, officials described him as a “dark side” hacker and compared him to Public Enemy No. 1 in cyberspace. [3] Deputy U.S. Marshal Kathy Cunningham said Mitnick was “completely obsessed” with computers and with breaking into them—not to get rich, in her view, but to show off. [3] She later contrasted Mitnick’s record with Shimomura’s accomplishments, saying Shimomura had the skills to have become someone like Mitnick but had taken a different path. [3]
Mitnick’s supporters painted a different picture. Friends interviewed by the Times described him as a relatively harmless prankster and said they had never known him to gain personal riches from his computer crimes. [3] His grandmother, Reba Vartanian, told a reporter he had not profited from his hacking. [3] An old friend, Troy Fromin, who worked at his family delicatessen in Encino, called him “just a prankster” who “never meant any harm.” [3] Another hacker friend told the newspaper that Mitnick was not known to profit personally from his activities. [3]
The portrayals also traded on his appearance. The Times reported that he had been cast in the media as socially maladroit, pudgy, and bespectacled; a photo circulated during the manhunt was said to make him resemble “Pat,” the androgynous character from a television sketch. [3] In court, he appeared thinner and with long hair tied back, a small detail that underscored how much myth‑making had already attached to his image. [3]
In the background of that image‑making was another media star: New York Times reporter John Markoff, who had covered him for years and would later co‑write Takedown, a book about the capture, with Shimomura. [2] A Linux Journal article later alleged that Markoff coordinated with Shimomura and the FBI to help find Mitnick, write the book, and sell movie rights, and that those relationships were concealed from readers. [4]
The same article noted that claims Mitnick had made it onto the FBI’s official “Most Wanted List” were not true, even as the story of a top‑ten cyber outlaw spread. [4]
The government treated the Raleigh arrest as the culmination of a long crime spree. At the time of his capture, Mitnick was charged with federal offenses related to the roughly two‑and‑a‑half‑year period he had spent hacking as a fugitive, including computer and wire fraud. [2] A Los Angeles Times piece reported that the new charges filed in Raleigh carried a potential maximum sentence of 35 years in prison if he were convicted. [3]
Linux Journal later reported that he was indicted on 25 counts of computer and wire fraud and initially pleaded not guilty. [4] The same account said he was held without bail and without trial from his February 1995 arrest onward, and that he was denied a bail hearing altogether. [4]
While he sat in pretrial detention, officials continued to treat even limited technology as a risk. According to that reporting, he was once placed in solitary confinement because of fears he could use an FM radio “for nefarious purposes,” and he was denied the use of a modem‑less laptop to review nine gigabytes of evidence against him, on the grounds that he would be especially dangerous with such a device. [4]
Mitnick himself later said that law enforcement convinced a judge he could “start a nuclear war by whistling into a pay phone,” a version of the same fear that had circulated during his earlier case. [2][4]
In 1998, federal prosecutors in the Central District of California filed a sweeping new indictment: 14 counts of wire fraud, eight counts of possession of unauthorized access devices, charges of intercepting wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer. [2]
The next year, he made a calculated choice. As part of a plea bargain, he pleaded guilty to four counts of wire fraud, two counts of computer fraud, and one count of illegally intercepting a wire communication. [2][4] U.S. District Judge Mariana Pfaelzer sentenced him to 46 months in federal prison, plus 22 months for violating the terms of his late‑1980s supervised release. [2]
Mitnick admitted that he had violated supervision by hacking into Pacific Bell voicemail and other systems and by associating with known computer hackers, including a co‑defendant. [2]
In total, he served five years in prison, including about four and a half years in pretrial custody and eight months in solitary confinement. [2] Supporters argued that the punishment was excessive and that many of the charges and alleged losses were inflated or not based on actual harm. [2][4]
The fight over those losses became a central chapter of the Mitnick saga. After his arrest, the government and several corporations accused him of causing $299,927,389.61 in damages. [4] Corporate allegations of losses eventually rose to about $300 million. [4]
Linux Journal reported that Sun Microsystems claimed an $80 million loss from Mitnick allegedly downloading Solaris source code, even though the Solaris source was said to be available for $100 and apparently free for students. [4] The article noted that Sun did not report the $80 million figure to shareholders or the SEC, despite what it characterized as a legal duty to do so. [4] Other companies alleging losses, according to the same piece, included Motorola, Fujitsu, Nokia, Novell, and NEC, which likewise did not report such losses to investors or regulators. [4]
The article asserted that the government had coached firms on how to estimate damages, and that prosecutors persuaded the court that $80 million was the most reasonable figure for Sun’s loss. [4] Yet in the end, it reported, Mitnick was ordered to pay a little over $4,000 in restitution—a stark contrast to the hundreds of millions once invoked. [4]
These discrepancies galvanized a grassroots “Free Kevin” campaign, led by the hacker magazine 2600 and its editor Emmanuel Goldstein (Eric Corley). [4] Supporters distributed information, raised defense funds, exposed what they cast as civil rights violations, leaked documents, and organized protests. [4]
On June 4, demonstrators gathered outside federal courthouses across the United States and at the U.S. embassy in Moscow carrying a simple message: FREE KEVIN. [4] In New York, a skywriter spelled the slogan across the sky while an airplane towed a banner; elsewhere, activists targeted movie theaters showing the forthcoming film Takedown to hand out leaflets. [4]
Hacktivists even replaced pages on websites worldwide—including, according to Linux Journal, the New York Times’ site—with FREE KEVIN messages. [4] Despite the noise, the same article noted that mainstream civil rights groups, including the ACLU, Amnesty International, and the Electronic Frontier Foundation, did not take up his cause. [4]
By then, Mitnick’s criminal activities, arrest, and trial—along with the journalism and entertainment products that followed—had become deeply controversial. [2][4] Miramax, which produced the movie version of Takedown, later reworked the script to remove what were characterized as defamatory allegations. [4]
On January 21, 2000, at 6:30 a.m. Pacific time, Kevin Mitnick walked out of prison. [2][4] His supervised release would run until January 21, 2003. [2]
The terms were unusually strict for a non‑violent offender. For three years, he was forbidden from talking about computers and from using a cellular or cordless phone. [4] Another account notes that during supervised release he was initially barred from using any communications technology other than a landline telephone. [2] Under the plea deal, he was prohibited for seven years from profiting from films or books based on his crimes—a variation on “Son of Sam” laws that aim to prevent criminals from cashing in on their misdeeds. [2][4]
Linux Journal reported that, under such conditions, Mitnick listed “gardening” as one of the few occupations open to him and joked that even fast‑food work would violate the terms. [4]
Over time, the constraints eased. An FCC judge ruled in December 2001 that he was sufficiently rehabilitated to hold an amateur radio license again. [2] After his release and the end of supervision, he worked as a computer security consultant, public speaker, and author, eventually founding his own firm, Mitnick Security Consulting. [2]
He co‑founded Defensive Thinking Inc. and helped develop the Certified Social Engineering Prevention Specialist (CSEPS) program, a training course covering pretexting, elicitation, psychological manipulation, dumpster diving, and organizational vulnerabilities. [2] Clients included branches of the U.S. Air Force and Marine Corps. [2] He later became part owner and “Chief Hacking Officer” at the security training company KnowBe4, where elements of his earlier social‑engineering curriculum were incorporated into commercial offerings. [2]
In 2003, he testified before the U.S. House Committee on Financial Services about computer security and identity theft—an acknowledged former intruder briefing lawmakers on how to defend against the kind of attacks he had once carried out. [2]
Kevin Mitnick’s life never escaped controversy. Media outlets described the whole arc—his crimes, prosecution, and punishment—as contentious, and supporters continued to argue that the government had exaggerated his threat and losses to make an example of him. [2][4]
Yet even many who questioned the prosecution’s tactics did not dispute that he had broken into systems, copied software, and violated trust on a wide scale. [2] The open question was how to calibrate guilt and punishment when the crimes happened in a borderless, still‑new digital world.
Mitnick died of pancreatic cancer in Pittsburgh, Pennsylvania, on July 16, 2023, at age 59. [2] By then he had spent more years advising companies and governments on how to protect themselves than he ever had as a fugitive “Condor” exploring their defenses. [2]
The arguments that raged around him in the 1990s—about hacking, harm, and how much fear is too much—still echo in debates over cybersecurity law and digital civil liberties today.
No recent news articles found for this case. Check back later for updates.
No evidence found for this case. Be the first to submit evidence in the comments below.
Join the discussion
Loading comments...
At age 16 Mitnick gained unauthorized access to DEC's 'The Ark' and copied software, marking the start of his hacking activities.
Mitnick was charged and convicted for breaking into Digital Equipment Corporation's computer network and was sentenced to 12 months in prison followed by supervised release.
After a well-publicized pursuit, Mitnick was arrested at his Raleigh apartment on federal computer- and wire-fraud related charges; agents found cloned cell phones, cloned codes, and false IDs.
Mitnick was charged in U.S. District Court with 14 counts of wire fraud, eight counts of possession of unauthorized access devices, interception of communications, unauthorized access to a federal computer, and causing damage to a computer.
As part of a plea bargain Mitnick pleaded guilty to multiple counts including wire fraud, computer fraud, and illegally intercepting a wire communication.
U.S. District Judge Mariana Pfaelzer sentenced Mitnick to 46 months in federal prison plus 22 months for violating supervised release terms; he served roughly five years in custody.
Mitnick was released from federal custody and began a period of supervised release with restrictions on communications technology use.
An FCC judge ruled Mitnick was sufficiently rehabilitated to possess a federally issued amateur radio license.
Mitnick's supervised release period concluded, lifting the remaining court-imposed restrictions from his plea deal.
Kevin Mitnick died of pancreatic cancer at age 59 in a Pittsburgh hospital.