Reddit co-founder Aaron Swartz indicted for JSTOR database hack

Aaron Swartz, the 24 year-old who co-founded social news site Reddit, has been indicted for hacking MIT's JSTOR academic journal archive, and faces 35 years in jail and a $1m fine for illegally downloading huge amounts of data.

Swartz is accused of downloading 4.7 million articles, book reviews and other content from JSTOR's archives by breaking into MIT's facilities and installing a laptop to harvest data.

The indictment also claims that Swartz's attempts to get around the blocking attempts of JSTOR's IT staff caused an extended outage for other users of the database.

"We stopped this downloading activity, and the individual responsible, Mr. Swartz, was identified. We secured from Mr. Swartz the content that was taken, and received confirmation that the content was not and would not be used, copied, transferred or distributed," said JSTOR in a statement.

The indictment alleges that Swartz broke into a computer wiring closet in Building 16 on MIT's campus and installed an Acer laptop, which used a custom script to log-on to JSTOR and download articles to a temporary email address.

When campus IT staff noticed the "extraordinary volume of articles" that were being downloaded they blocked the laptop's IP address, but Swartz is accused of getting around this by manually changing log-in and MAC data. The rogue downloads caused more than 100 times the usual traffic rate for the site.

After three more downloading forays into the JSTOR archives, staff were forced to shut down access to the site for all MIT computer network users for a few days while they dealt with the issue. They were unable to find the source of the downloads, however.

In January 2001 Swartz was observed entering the building at MIT and changing the hard drive of the computer. A few days later he removed the laptop, according to the indictment, while covering his face with a cycle helmet, but shortly afterwards reinstalled it elsewhere on the campus.

Swartz faces multiple counts of computer intrusion, fraud and data theft. No court date has yet been set.