Will this serve as a deterrent for "white hat" hackers from bring forward or publishing any security holes they find? Im sure someone else had already found the hold and been exploiting it for other purposes.
AT&T should have been alerted privately with a disclosure of their intent to public announce the security issue within x days. Sending a formal letter certified would have probably been enough evidence in their defence that they warned AT&T about the issue and allowed them time to fix the issue.
Even if they were going to publish the findings willfully knowing it could cause financial damage to AT&T that should not be grounds for criminal charges. What protections should any organization have against open publication of any discovered security issues?
Honestly though it seems like something that probably shouldn't have been shared with your 30 some hacker friends online that you really dont know. That makes your intentions look a little more shady.--
Open Source Network Accelerators