AT&T Discloses serious IPad Security Breach

I have to assume I’m in this group: I have an iPad 3G, and an AT&T data plan for it1

AT&T Inc. acknowledged Wednesday that a security hole in its website had exposed iPad users’ email addresses, a breach that highlights how corporations still have problems protecting private information.

Bored with the iPad

A small group of computer experts that calls itself Goatse Security claimed responsibility for the intrusion, saying they exploited an opening in AT&T’s website to find numbers that identify iPads connected to AT&T’s mobile network.

Those numbers allowed the group to uncover 114,000 email addresses of thousands of users, including prominent officials in companies, politics and the military, Goatse said. Gawker Media LLC, which reported the breach earlier Wednesday, said 114,000 email addresses were revealed. It doesn’t appear any financial or billing information was made public.

AT&T, the sole U.S. provider of wireless service for the Apple Inc. tablets, said it had fixed the security problem by Tuesday. It said it would inform all customers whose email addresses and iPad IDs may have been obtained.

(click to continue reading AT&T Discloses IPad Security Breach – WSJ.com.)

What I don’t know is what Goatse did with the data – are they planning on selling it to spammers? Or use it to compromise our email accounts in some way? My passwords are firewalled – i.e., I have different passwords for different websites, but no password is invulnerable to a determined hacker. Maybe AT&T will take a PR-friendly response, and offer a years worth of identity-theft monitoring for their customers?

Footnotes:
  1. plus my surname begins with the letter A – which was fine in school, not so good always []

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.