E-Mail Addresses Of iPad 3G Owners Leak Out In AT&T Database Hack

Wow. This is not at all what AT&T or Apple had in mind for today. Just hours after Apple made a huge announcement that involved the next great smartphone for AT&T (yes, the iPhone 4), there's been a bombshell dropped that has temporarily made the focus on both companies distinctively more negative than usual. So, what could happen to put both Apple and AT&T in such a bad light? Oh, nothing but letting hackers access well over 100,000 e-mail addresses from prior iPad 3G + Wi-Fi buyers.

We told you "wow" was an appropriate response, didn't we? According to reports, a hacker group by the name of Goatse Security was able to slide into AT&T's website and trick it into sending back sensitive information. The "information" involved the e-mail addresses associated with the SIM identifiers on the 3G version of Apple's iPad. A grand total of 114,000 addresses were found, including the CEO of the New York Times, New York's Mayor, and White House Chief of Staff Rahm Emanuel. We bet Facebook is loving this given all the bad press it has received over security. It's not as easy as it looks to keep everything under wraps, it seems.

Here's an AT&T statement on the matter: "AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device. This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses. The person or group who discovered this gap did not contact AT&T. We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained. At this point, there is no evidence that any other customer information was shared. We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted."

In the end, you must realize that this whole ordeal could have been far worse. Just knowing an e-mail address isn't the worst in the world. Only so much pain can be caused before a user sets up a filter to block any added spam, and there's always the option of creating a new address and picking up where you left off. At least credit card digits weren't shared, and it seems that the hole has been plugged. Still, knowing this, how many of you are now not going to purchase an iPhone 4 since it's obvious that your e-mail address may end up in someone else's hands? Right, just what we thought.

Tags:  Apple, ATT, security, 3G, ipad, breach
Via:  All Things D
Show comments blog comments powered by Disqus