Security Breach Exposes 114,000 iPad Owners

Valleywag has exposed a security issue with the iPad 3G that has left 114,000 iPad owners had their information compromised due to a security hole that has now been closed by AT&T. The flaw exposed subscribers’ email addresses and network ID known as the ICC-ID used to connect to AT&T’s network. The ICC-ID identifies the microSIM card with the subscriber.

The group of exposed owners include some well known celebrities and politicians including Diane Sawyer of ABC News, NYC Mayor Michael Bloomberg and White House Chief of Staff Rahm Emanuel. The subscriber data was obtained by Goatse Security, a group that has previously highlighted security issues in both Safari and Firefox. The group obtained the addresses by running a script on AT&T’s website. Shortly thereafter, they notified AT&T.  Here’s AT&T’s official response:

“AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.

This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.

The person or group who discovered this gap did not contact AT&T.

We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained.

We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.”

Source.

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: