AT&T apologizes, blames hackers for iPad e-mail breach
It vows to work with law enforcement officials probing the incident
IDG News Service - AT&T issued an apology on Sunday for a hack that exposed thousands of iPad customers' e-mail addresses last week and vowed to work with law enforcement to prosecute those responsible.
A hacking group called Goatse Security obtained about 114,000 e-mail addresses of people such as White House Chief of Staff Rahm Emanuel and New York Mayor Michael Bloomberg by exploiting an authentication page on AT&Ts Web site.
The group found that entering a correct serial number for the iPad's SIM card, called an integrated circuit card identification (ICC-ID), the log-in page would return an e-mail address associated with that iPad. They wrote code that would randomly generate those serial numbers and queried the Web site until an e-mail addresses were returned, according to AT&T.
AT&T designed the site to automatically populate the e-mail field in order to make it easier for its customers to log in. AT&T has since changed the page to require an e-mail address and password to be entered.
"The hackers deliberately went to great efforts with a random program to extract possible ICC-IDs and capture customer e-mail addresses," wrote Dorothy Attwood, AT&T's chief privacy officer, in an e-mail sent to affected customers. "They then put together a list of these e-mails and distributed it for their own publicity."
The e-mail addresses were passed to Gawker.com. Goatse maintains that it did not directly contact AT&T but waited until the company fixed the problem before giving the e-mail addresses to Gawker and said it has since destroyed the data.
Nonetheless, the U.S. Federal Bureau of Investigation opened a probe last Thursday into whether Goatse Security broke the law.
AT&T said only the ICC-ID and e-mail address were exposed and that other personal account information and e-mail content were not. The hackers did not get access to AT&T data networks, according to the letter.
"We apologize for the incident and any inconvenience it may have caused," Attwood wrote. "Rest assured, you can continue to use your AT&T 3G service on your iPad with confidence."
AT&T will not offer any incentives to those customers affected, according to Mark Siegel, executive director for media relations.
Send news tips and comments to email@example.com
- Office for iPad apps ring up 27M downloads
- Apple plays hardball with iPad Mini reveal
- Apple breezes to PC sales' top spot as Windows share decays
- Analyst tallies perks of September launch of new iPhone, iPad
- Analyst predicts stellar iPad sales in next week's Apple earnings
- Nexus 7 holds up better than iPad in drop, water-dunk tests
- With iPad Mini, Apple would remain tablet king through '16, says IDC
- Apple demands ipad3.com domain
- Chrome for iOS snatches top spot on App Store
- iPad in the Enterprise: IT Must Stay Ahead of the Curve
- SIP Migration: Addressing CIOs' Concerns Recent data from IDG Research shows that many IT executives are counting on SIP to help them meet employee efficiency and customer experience...
- City Solved Network Mystery - Saves $30K The City of Jacksonville put their hunch to work and not only solved a mystery, but found a new and innovative use for...
- Using Video to Gain a Competitive Advantage: A Business Strategy for Mid-Market Companies The insights provided in this white paper are based on industry analysts and 30+ years of experience from the Video Collaboration Group at...
- Datacenter eGuide Read on to learn what technologies are essential for high-performing data centers today, and to get a glimpse of what the data center...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All Network Security White Papers | Webcasts