By June 2003, America Online boasted around thirty-seven million customer accounts, making it by far the biggest Internet service provider in the world. Since each of these subscribers was entitled to register up to seven different screen names, AOL actually maintained some ninety-two million email addresses on its system.
Davis Hawke and Brad Bournival owned a list of all of them.
They had bought the list for $52,000 in late May 2003 from a fellow spammer. The man, who said his name was Sean, told them he had a copy of the complete AOL member database, including customer names, street addresses, and telephone numbers. Sean said he bought the list from an AOL software engineer who had stolen it from the big ISP's customer-data warehouse.
Neither Hawke nor Bournival gave much thought to the fact that buying the stolen list from Sean might make them coconspirators in a crime, namely a violation of the U.S. Computer Fraud and Abuse Act. To them, the AOL screen names would be a gold mine. (Hawke and Bournival had no immediate use for the AOL subscribers' physical addresses and telephone numbers.) Amazing Internet previously used a list of around twenty million AOL addresses that Hawke had assembled from a variety of sources, including web page harvesting. But the old list contained a large percentage of undeliverable addresses. That often caused AOL's mail servers to automatically drop connections from Amazing's spamware programs in the middle of a run, since AOL had ...