Steve Nott

Concerned salesman went to Mirror….but Piers Morgan’s paper behaved suspiciously, did nothing


Vodafone blithely gave out information about how to hack to anyone who asked, claimed on radio there was ‘no risk’


How Steve Nott’s account suggests that TV news media might also have used hacking


Has he unearthed a broader security conspiracy?

Slog comment threader Steve Nott has revealed how he went to the police, the newspapers and other key institutions in 1999. He devoted a year thereafter to warning anyone who’d listen about how easy it was to hack a mobile phone. The cynicism of the tabloids in the way they handled his campaign is exactly what you’d expect….and Morgan’s Mirror was the worst of the lot. It was not until July 18th this year that Operation Weeting finally interviewed Mr Nott for three hours. He is to be called by the Leveson Inquiry.

In late 1998, salesman Steve Nott lost his mobile phone network coverage, and rang Vodafone from a service station – to ask how he could access his message. Vodafone told him exactly how – without making any checks – and helpfully added that Steve could use this to get into anyone’s mobile at any time. Says Nott:

I was gobsmacked that it was so easy to be able to do this, and spent the next couple of months having fun and games with my mates phones, work colleagues phones and so on. I realised that this issue of easily being able to intercept voicemail, change welcome greetings, delete messages and change the voicemail PIN was too serious to play about with and decided to make some noise about the risks to National Security I’d stumbled across.”

The response wherever he went was an unhelpful yawn. “I called Vodafone and told them of my worry. They weren’t helpful. I called them on various occasions explaining my concerns and still no joy.” In fact, the situation was serious because none of Vodafone’s handbooks told phone users how to protect themselves by using their own secret pin to block unauthorised entry to messages.

Steve in turn got nowhere when he spoke to Orange about it. Imagine that. So he decided that, in this our country with a free press, he’d go to the media about it. His first stop was The Mirror….edited at that time by Piers Morgan. Steve again:

“I was in London and made a phone call to the Daily Mirror and explained to them I had a story. They were very interested and after giving them the instructions to ‘hack’ into the voicemails they said it’s possibly going to be one of the biggest stories that decade and would make front page and couldn’t believe how easy it was to do and the fact that nobody knew about it. They said they were going to try it out for themselves and see how it all works. I called the Daily Mirror a few times and they kept saying they were working on it and to be patient as it was going to be a massive story.  Twelve days went by, still waiting for front page headlines as promised, I rang them up and they said they weren’t interested anymore. I was amazed, one minute, massive news story promises and excitement then ‘nothing’.”

It’s highly probable that Steve had given the Mirror a rather ‘good’ idea. Or it could be that the story (having reached Piers Morgan, as it inevitably would do) was squashed. If it was, then you don’t have to be a genius to work out why: either Morgan was already using the scam….or he’d seen it’s potential.

Then in June 1999, Steve took the story to News International’s head of Consumer Affairs, Paul Crosbie.

” Paul asked me to demonstrate how anyone’s voicemail system was accessed,” says Nott, “and called some colleagues in the office, asked them to not answer the next call so I could call them and show him. Paul Crosbie explained to me that it was a massive story and thanked me for coming to see him and expect the story to be in the paper within 48 hours on the front page. He said I was going to be a public hero because of the risk to National Security which I had brought to the media’s attention. Guess what…..no news story, not a dickie bird. I couldn’t get hold of Paul Crosbie again after the first meeting.”

If the saga had only gone this far, Steven Nott’s well-documented account would be further damning evidence of how both NI and MGN grabbed an idea and used it or nefarious ends. But for me, the real tragedy – the real scandal – in his story is that none of the institutions supposed to protect the citizen gave a monkey’s as Steve’s one man campaign sought to alert someone in authority.

He called the Security Services, who thanked him for the information…and did nothing. He spoke to New Scotland Yard, and also wrote them a detailed letter explaining his findings. The Yard didn’t reply.

He wrote to the DTI, and never received a reply. He then contacted the BBC, who at last showed some interest. Steve was interviewed by Radio 5 Live, the show airing on October 22nd 1999. It was presented by Adam Kirtley. Steve remembers:

“During the programme, Vodafone’s Mike Caldwell said he didn’t know why I was making such a fuss, as it never has and never would cause a problem.”

Then something happened that should set every nose in Fleet Street twitching. Steve Nott continues:

“I also spoke to Chris Choi from ITN and he was very excited about the implications and massive security flaw. I had an ITN newscrew at my house the same day and was filmed in my back garden about the story. Chris Choi said it was going to be breaking headlines. Guess what…..nothing happened. No broadcast, nothing.”

You can read the full, fascinating story of Steven Nott’s fight against disgraceful Establishment apathy (or – see below – something worse) by going to his website Hackergate. This has only been up and running for a few days, but has already attracted great interest. If nothing else, the site contains a host of chaaracters and evidence offering both Sue Akers and Lord Leveson lots of other names to put on the grilling list. Paul Crosbie, I would think, has some explaining to do: likewise Piers Morgan and Chris Choi.

UPDATE 11th January 2012: I have been in communication with Paul Crosbie, and I am satisfied that any malign role on his part is unfortunately exaggerated in this piece – for which I unreservedly apologise. I’m sorry if this retraction appears to have been displayed on P. 56 among the postal bargain ads: perhaps this is something we can all work together to change in the near future.

But returning to the wider issue of the authorities doing nothing, was it just apathy….or something more sinister?

I have blogged for years on the subject of how most ISPs and phonecos are allowed to behave like pirates and avoid legal regulation with any teeth because the police and security services need them. The one big nuisance for our interior security Ministries about Hackgate is that it has made public something they’ve probably been doing with impunity for twenty years or more, going back to the dawn of mobiles.

It seems very odd indeed that for most of those years, the biggest mobile operator in the UK, Vodafone, produced no details about personal security protection in their manuals….and then blatantly tried to downplay the danger on national BBC Radio. Were they asked to leave out these details by more shadowy characters? Was the unwillingness of either tabloid or ITN to run the story as much a case of being warned off by the security services?

Nobody should regard those questions as wild, paranoid conspiracy theory. All the ISPs now have GCHQ monitoring software installed that covers every email written in, and received by, Britain. We know from our unhappy time under the Home Secretaryship of Jacqui Smith that she blithely gave these and more powers to GCHQ – whose demands to monitor the ‘danger’ posed by a tiny minority of militants has given them carte blanche to watch, listen to and transcribe every human contact we have with one another in the UK. We also know that Ms Smith lied to Parliament about having cancelled a ‘test’ programme of monitoring that would’ve cost a staggering £13 billion. The test went on secretly to become the real thing – and the £13 billion was duly spent.

One suspects that this won’t come under Lord Leveson’s remit. But it ought to.