A security breach at AT&T's official website has lead to the exposure of about 114,067 email IDs of iPad 3G users. Goatse Security sent the information about the exposed email addresses to Gawker Media. U.S.'s Federal Bureau of Investigation has already started an investigation into this, reported The Wall Street Journal. 
Small group of individuals claiming to be a part of Goatse Security exploited the security flaw with a PHP script that pulled email IDs of iPad 3G users. These folks used script to get email addresses associated with Apple iPad's ICC IDs that are used to identify SIM cards that associate mobile device with a specific subscriber. AT&T confirmed the breach and sent out the below statement:
"AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.
This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.
The person or group who discovered this gap did not contact AT&T.
We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained.
We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted."
AT&T did close the security hole on next day but the damage was done. Over 110,000 user email IDs including those of high ranking officers, government officials and several customers were already pulled from the site. However, iPad owners with Wi-Fi only versions are safe.
This incident puts both Apple and AT&T to shame. "The FBI is aware of these possible computer intrusions and has opened an investigation," said FBI spokeswoman Katherine Schweit.
While FBI proceeds with the initial investigations, AT&T and Apple would really have to do some damage control. The ICC IDS and email IDs exposed can lead to repetitive nuisance to iPad 3G owners. Meanwhile, AT&T is already pulling up its socks to offer enough bandwidth and top quality services to its iPhone as well as iPad customers.
No comments:
Post a Comment