A computer hacker pleaded guilty to helping write malicious code that allowed him to breach AT&T Inc servers and steal personal data belonging to 120,000 Apple Inc iPad subscribers, U.S. prosecutors said.

Daniel Spitler, 26, admitted to one count of conspiracy to gain unauthorized access to computers and one count of identity theft at a Thursday hearing before U.S. District Judge Susan Wigenton in Newark, New Jersey federal court.

Each count carries a maximum sentence of up to five years in prison and a $250,000 fine, the office of U.S. Attorney Paul Fishman said. Sentencing was set for September 28.

Investigators accused Spitler and co-defendant Andrew Auernheimer, 25, of using an account slurper to conduct a brute force attack over five days last June to extract data about iPad users who accessed the Internet through the AT&T network.

Prosecutors said the defendants were associated with Goatse Security, a group of self-professed Internet 'trolls' who try to disrupt online content and services.

Susan Cassell, a lawyer representing Spitler, said any 26-year-old in her client's position will be deeply saddened by the process, especially when his goal was to benefit the public by exploiting a security breach that, if left unaddressed, could have led to far more serious consequences.

Auernheimer was charged with the same crimes as Spitler, and his case is pending. He is represented by a federal public defender, who was not immediately available for comment.

(Reporting by Jeremy Pelofsky in Washington, D.C. and Jonathan Stempel in New York; editing by Gerald E. McCormick)