Ryan Ackroyd

Ryan Ackroyd, a.k.a. Kayla and also lolspoon, is a former black hat hacker who was one of the six core members of the computer hacking group "LulzSec"  during its 50-day spree of attacks from 6 May 2011 until 26 June 2011. Throughout the time, Ackroyd posed as a female hacker named "Kayla" and was responsible for the penetration of multiple military and government domains and many high profile intrusions into the networks of Gawker in December 2010, HBGaryFederal in 2011, PBS, Sony, Infragard Atlanta, Fox Entertainment and others. He eventually served 30 months in prison for his hacking activities.

After his release from jail, Ackroyd publicly stated during "a conversation with Lulzsec" that he believes Anonymous, other activists and like-minded should come together and attempt to change issues legally.

In December 2014, he gave his first ever lecture in an over-capacity lecture auditorium at Sheffield Hallam University for over 200 students, where he spoke about Lulzsec and their "50 days of lulz".

On his Twitter account, Ackroyd vowed to help the security of the systems he once breached, stating that he would "help secure and defend the systems in hopes we can all learn from each other, should I be given the chance to do so". He also added "For me, it wasn't about stealing people's information, I just wanted to show people how flawed their so-called secure systems are. People need to fix their stuff… I sent countless emails to companies and even government organisations and I was ignored. I soon realised I'd have to show them why they should secure themselves before they would listen. I'm like Jiminy Cricket, only when you don't listen I'd hit you really hard with my tiny umbrella so you'd do the right thing," he joked.

Rise to prominence
In 2011, Ackroyd was part of the small group of hackers who breached the security of HBGaryFederal.com through an SQL injection and is said to have social engineered the administrator of rootkit.com, HBGary's CEO's personal website to gain root access to their entire systems. During the rise of the group "LulzSec", Ackroyd is said to be its most talented hacker, doing much of the security penetration along with Hector Monsegur. He hacked into fox.com, UK Bank Machines, Sony, PBS, the FBI, Bethesda Softworks, Senate.gov, Arizona Department of Public Safety, AT&T, AOL, Navy.mil, Infragard Atlanta, NATO Bookshops and others during LulzSec's infamous "50 Days of Lulz".

Ackroyd is responsible for the hack on Booz Allen, where Edward Snowden was an employee. He was also responsible for the hack into Gawker Media's computer networks in December 2010, in retaliation to what Ackroyd perceived to be behaviour condescending of Anonymous and other affiliated hackers. During this time, Ackroyd hacked into hundreds of military domains to show vulnerabilities were in excess even in the most sensitive areas.

Arrest and legal proceedings
On 1 September 2011, Ackroyd's "lolspoon" Twitter feed went silent for the last time, amidst announcements that the hacker was arrested in Mexborough, South Yorkshire. It became clear that Ackroyd was not, in fact, a girl, but rather a 24-year-old man with prior military service in the British Army serving in Iraq. He was released on bail with fellow co-defendants Tflow and Topiary.

On 9 April 2013, Ackroyd appeared in court for the final time where he was branded "highly forensically aware" by the court. Ackroyd pleaded not guilty to Distributed Denial of Service (DDoS) attacks carried out under the LulzSec banner during its "AntiSec" campaign, but pleaded guilty to violating the computer misuse act.

Ackroyd served a 30-month prison sentence in England.

After release
Ackroyd was an Associate Lecturer at Sheffield Hallam University and was also enrolled on a master's degree in information systems security. He is now the Lead Penetration Tester at The Hut Group.