FBI investigating AT&T security breach that revealed iPad owner emails
The Federal Bureau of Investigation said Thursday that it has begun a probe into an AT&T security breach that exposed the email address of over 100,000 registered iPad owners.
"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said.
The move comes one day after AT&T acknowledged that a security flaw on its website made it possible for hackers to query its database and uncover the email addresses of customers who had registered to use its mobile broadband service on their iPhone 3G.
"This issue was escalated to the highest levels of the company and was corrected by Tuesday," the carrier said. "We are continuing to investigate and will inform all customers whose e-mail addresses may have been obtained."
The attack on AT&T's web servers resulted in at least 114,000 iPad 3G users' emails being leaked to Goatse Security hackers when batches of iPad ICC-IDs were entered via specially formatted HTTP requests.
The group automated requests of the email address information for a wide swath of ICC-ID serial numbers using a script. Although the exploit revealed the addresses of several prominent government and corporate officials, no other information was revealed as part of the breach.
A representative for Goatse Security told the Wall Street Journal that it 'hasn't heard from law enforcement and that it didn't do anything illegal, so doesn't see why it would.'
"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said.
The move comes one day after AT&T acknowledged that a security flaw on its website made it possible for hackers to query its database and uncover the email addresses of customers who had registered to use its mobile broadband service on their iPhone 3G.
"This issue was escalated to the highest levels of the company and was corrected by Tuesday," the carrier said. "We are continuing to investigate and will inform all customers whose e-mail addresses may have been obtained."
The attack on AT&T's web servers resulted in at least 114,000 iPad 3G users' emails being leaked to Goatse Security hackers when batches of iPad ICC-IDs were entered via specially formatted HTTP requests.
The group automated requests of the email address information for a wide swath of ICC-ID serial numbers using a script. Although the exploit revealed the addresses of several prominent government and corporate officials, no other information was revealed as part of the breach.
A representative for Goatse Security told the Wall Street Journal that it 'hasn't heard from law enforcement and that it didn't do anything illegal, so doesn't see why it would.'
Comments
AT&T fixes major iPad 3G security hole
We have a serious crisis in morality and ethics now days
Okay. Let's hear it from the AT&T defenders.
I don't get it?
This is simply an article stating the FBI is investigating what happened and who may have done it.
These Goatses shared the info with Gawker Media, and after the lost/stolen iPhone4 debacle, well...
Gawker is already in a deep hole and they don't have the sense to stop digging (if you will pardon the expression).
Okay. Let's hear it from the AT&T defenders.
They fixed it almost right away and it's not as bad as the oil spill.
New York Mayor Michael Bloomberg, whose e-mail address was exposed because of the security vulnerability with his new iPad, shrugged it off Thursday and said he didn't understand the fuss.
"It shouldn't be pretty hard to figure out my e-mail address," Bloomberg said, "and if you send me an e-mail and I don't want to read it, I don't open it. To me it wasn't that big of a deal."
Nobody cares about celebrities being on that list but when you got Pentagon officials, White House staff, DARPA officials (who work on highly classified projects) that's another story and surely will invite the FBI. It may only be email addresses but what will be compromised next if this happens again?
More e-mail addresses will be "compromised?" As if they are even remotely secure to being with?
Really, I'm finding this entire episode to be a hoot and a half.
More e-mail addresses will be "compromised?" As if they are even remotely secure to being with?
Really, I'm finding this entire episode to be a hoot and a half.
They'll be fishing for info beyond email addresses? I work for the Air Force and believe me the DoD doesn't take any type of compromise lightly even if it's as small as email address breach.
It's getting to be ridiculous. Yet, Apple's PR still does not feel compelled to counter any of these distortions.
Time will tell if that's a smart strategy or not.
Speaking for myself, I am beginning to have my doubts on Apple's 'strategery' here.
They fixed it almost right away and it's not as bad as the oil spill.
So typical. What happened to the part where they didn't tell anyone for two days?
Has anybody checked out the Goagtse Security web site?
If you had, you would have found posted at the bottom of their web site at http://security.goatse.fr/ : In any event, I feel that disclosing confidential information as was done here*, should be equally illegal as buying stolen items or being an accessory after the fact.
It is amazing to see the number of hyperventilated, breathless, poorly reported, negative stories about Apple in the past couple of weeks -- iAd and Google, broken iPhone screen, Foxconn suicides, whether 326 ppi is truly 'retina screen,' wifi meltdown, iPad security breach....... it goes on and on. I know I am missing many many more.
It's getting to be ridiculous. Yet, Apple's PR still does not feel compelled to counter any of these distortions.
Time will tell if that's a smart strategy or not.
Speaking for myself, I am beginning to have my doubts on Apple's 'strategery' here.
Isn't it now part of the release profile that has happened for the last couple of Apple products? Apple announces some really cool kit, suddenly breathless announcements starting popping up and the media go berserk with odd, goofy and highly reactionary stories. The actual release comes and things quiet down a bit.
Hmmmm. reminds me of something else............... hmmmmmm.
*Lights up a cigarette* I knew there was something truly satisfying about Apple. And yeah it WAS good for me.
So typical. What happened to the part where they didn't tell anyone for two days?
If I was seriously defending them, you would know it (or maybe you wouldn't)
If I was seriously defending them, you would know it (or maybe you wouldn't)
Oh. So it was a joke instead of some kinda shot. Most amusing.
And you followed it up by taking a shot. Typical.