FBI investigating AT&T security breach that revealed iPad owner emails

Posted:
in iPad edited January 2014
The Federal Bureau of Investigation said Thursday that it has begun a probe into an AT&T security breach that exposed the email address of over 100,000 registered iPad owners.



"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said.



The move comes one day after AT&T acknowledged that a security flaw on its website made it possible for hackers to query its database and uncover the email addresses of customers who had registered to use its mobile broadband service on their iPhone 3G.



"This issue was escalated to the highest levels of the company and was corrected by Tuesday," the carrier said. "We are continuing to investigate and will inform all customers whose e-mail addresses may have been obtained."



The attack on AT&T's web servers resulted in at least 114,000 iPad 3G users' emails being leaked to Goatse Security hackers when batches of iPad ICC-IDs were entered via specially formatted HTTP requests.



The group automated requests of the email address information for a wide swath of ICC-ID serial numbers using a script. Although the exploit revealed the addresses of several prominent government and corporate officials, no other information was revealed as part of the breach.



A representative for Goatse Security told the Wall Street Journal that it 'hasn't heard from law enforcement and that it didn't do anything illegal, so doesn't see why it would.'
«1

Comments

  • Reply 1 of 27
    quinneyquinney Posts: 2,521member
    I am going to have to advocate taser usage.
  • Reply 2 of 27
    quinneyquinney Posts: 2,521member
    omg, the FBI agent's name is Pack. Is any of this real?
  • Reply 4 of 27
    shobizshobiz Posts: 207member
    ...hasn't done anything illegal..." OMG, are we going to do this AGAIN!!!!



    We have a serious crisis in morality and ethics now days
  • Reply 5 of 27
    sipsip Posts: 210member
    These Goatses shared the info with Gawker Media, and after the lost/stolen iPhone4 debacle, well...
  • Reply 6 of 27
    jerseymacjerseymac Posts: 408member
    Okay. Let's hear it from the AT&T defenders.
  • Reply 7 of 27
    shobizshobiz Posts: 207member
    Quote:
    Originally Posted by Jerseymac View Post


    Okay. Let's hear it from the AT&T defenders.



    I don't get it?

    This is simply an article stating the FBI is investigating what happened and who may have done it.
  • Reply 8 of 27
    quinneyquinney Posts: 2,521member
    Quote:
    Originally Posted by sip View Post


    These Goatses shared the info with Gawker Media, and after the lost/stolen iPhone4 debacle, well...



    Gawker is already in a deep hole and they don't have the sense to stop digging (if you will pardon the expression).
  • Reply 9 of 27
    quinneyquinney Posts: 2,521member
    Quote:
    Originally Posted by Jerseymac View Post


    Okay. Let's hear it from the AT&T defenders.



    They fixed it almost right away and it's not as bad as the oil spill.
  • Reply 10 of 27
    ....even Michael Bloomberg said so.





    New York Mayor Michael Bloomberg, whose e-mail address was exposed because of the security vulnerability with his new iPad, shrugged it off Thursday and said he didn't understand the fuss.



    "It shouldn't be pretty hard to figure out my e-mail address," Bloomberg said, "and if you send me an e-mail and I don't want to read it, I don't open it. To me it wasn't that big of a deal."
  • Reply 11 of 27
    wurm5150wurm5150 Posts: 763member
    Nobody cares about celebrities being on that list but when you got Pentagon officials, White House staff, DARPA officials (who work on highly classified projects) that's another story and surely will invite the FBI. It may only be email addresses but what will be compromised next if this happens again?
  • Reply 12 of 27
    dr millmossdr millmoss Posts: 5,403member
    Quote:
    Originally Posted by Wurm5150 View Post


    Nobody cares about celebrities being on that list but when you got Pentagon officials, White House staff, DARPA officials (who work on highly classified projects) that's another story and surely will invite the FBI. It may only be email addresses but what will be compromised next if this happens again?



    More e-mail addresses will be "compromised?" As if they are even remotely secure to being with?



    Really, I'm finding this entire episode to be a hoot and a half.
  • Reply 13 of 27
    wurm5150wurm5150 Posts: 763member
    Quote:
    Originally Posted by Dr Millmoss View Post


    More e-mail addresses will be "compromised?" As if they are even remotely secure to being with?



    Really, I'm finding this entire episode to be a hoot and a half.



    They'll be fishing for info beyond email addresses? I work for the Air Force and believe me the DoD doesn't take any type of compromise lightly even if it's as small as email address breach.
  • Reply 14 of 27
    anantksundaramanantksundaram Posts: 18,886member
    It is amazing to see the number of hyperventilated, breathless, poorly reported, negative stories about Apple in the past couple of weeks -- iAd and Google, broken iPhone screen, Foxconn suicides, whether 326 ppi is truly 'retina screen,' wifi meltdown, iPad security breach....... it goes on and on. I know I am missing many many more.



    It's getting to be ridiculous. Yet, Apple's PR still does not feel compelled to counter any of these distortions.



    Time will tell if that's a smart strategy or not.



    Speaking for myself, I am beginning to have my doubts on Apple's 'strategery' here.
  • Reply 15 of 27
    jerseymacjerseymac Posts: 408member
    Quote:
    Originally Posted by quinney View Post


    They fixed it almost right away and it's not as bad as the oil spill.



    So typical. What happened to the part where they didn't tell anyone for two days?
  • Reply 16 of 27
    onhkaonhka Posts: 1,025member
    As I posted elsewhere:



    Has anybody checked out the Goagtse Security web site?



    If you had, you would have found posted at the bottom of their web site at http://security.goatse.fr/ :
    Quote:

    Goatse Security is a wholly owned subsidiary of the GNAA



    And checking out GNAA is, …well you decide. http://www.gnaa.eu/
    In any event, I feel that disclosing confidential information as was done here*, should be equally illegal as buying stolen items or being an accessory after the fact.
    *
    Quote:

    A group known as Goatse Security has published the personal e-mail addresses of the victims—many of whom are popular celebrities, prominent executives and high-ranking dignitaries—that it obtained by exploiting an automated script on an AT&T server.



    http://www.macworld.com/article/1519...data_leak.html



  • Reply 17 of 27
    masternavmasternav Posts: 442member
    Quote:
    Originally Posted by anantksundaram View Post


    It is amazing to see the number of hyperventilated, breathless, poorly reported, negative stories about Apple in the past couple of weeks -- iAd and Google, broken iPhone screen, Foxconn suicides, whether 326 ppi is truly 'retina screen,' wifi meltdown, iPad security breach....... it goes on and on. I know I am missing many many more.



    It's getting to be ridiculous. Yet, Apple's PR still does not feel compelled to counter any of these distortions.



    Time will tell if that's a smart strategy or not.



    Speaking for myself, I am beginning to have my doubts on Apple's 'strategery' here.



    Isn't it now part of the release profile that has happened for the last couple of Apple products? Apple announces some really cool kit, suddenly breathless announcements starting popping up and the media go berserk with odd, goofy and highly reactionary stories. The actual release comes and things quiet down a bit.



    Hmmmm. reminds me of something else............... hmmmmmm.



    *Lights up a cigarette* I knew there was something truly satisfying about Apple. And yeah it WAS good for me.
  • Reply 18 of 27
    quinneyquinney Posts: 2,521member
    Quote:
    Originally Posted by Jerseymac View Post


    So typical. What happened to the part where they didn't tell anyone for two days?



    If I was seriously defending them, you would know it (or maybe you wouldn't)
  • Reply 19 of 27
    daharderdaharder Posts: 1,580member
    ... \ ...
  • Reply 20 of 27
    jerseymacjerseymac Posts: 408member
    Quote:
    Originally Posted by quinney View Post


    If I was seriously defending them, you would know it (or maybe you wouldn't)



    Oh. So it was a joke instead of some kinda shot. Most amusing.



    And you followed it up by taking a shot. Typical.
Sign In or Register to comment.