
Email Addresses and SIM Identifiers of 114,000 AT&T iPad 3G Users Exposed

Valleywag reports that a security breach on AT&T's website has allowed public access to email addresses and SIM card identifier numbers (known as ICC-IDs) for 114,000 iPad Wi-Fi + 3G users on the company's cellular network.

The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised.

The security hole, which has been closed by AT&T, appears to have been related to data meant for a Web application accessible on the iPad. Those who discovered the hole were able to guess large swaths of ICC-ID numbers based on a handful of known numbers and use a script paired with an iPad user agent setting on their browser to query the email addresses associated with the ICC-IDs.
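A defender reviewing server logs for the kind of lookup described above would look for a single client asking about many different, closely spaced ICC-IDs, since a legitimate iPad only ever asks about its own SIM. The following is an added example, not code from AT&T, Valleywag or the researchers; the log format, the `/lookup` path, the meaning of a 200 response, the thresholds and every address and ICC-ID in it are constructed assumptions.

```python
import re
from collections import defaultdict

# The User-Agent is chosen by the client, so it identifies nothing.
UA = "Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X)"
# Constructed log lines, not real data. Assumed format:
#   <client-ip> "<user-agent>" GET /lookup?iccid=<digits> <status>
SAMPLE_LOG = "\n".join(
    [f'192.0.2.10 "{UA}" GET /lookup?iccid=89000000000000001234 200'] * 2
    + [f'192.0.2.11 "{UA}" GET /lookup?iccid=89000000000000987654 200']
    + [f'203.0.113.5 "{UA}" GET /lookup?iccid={89000000000000500000 + 3 * i} '
       f'{200 if i % 2 else 404}' for i in range(8)]
)
LINE_RE = re.compile(r'^(\S+) "[^"]*" GET /lookup\?iccid=(\d+) (\d{3})$')


def longest_run(sorted_ids, max_gap=10):
    """Length of the longest chain of IDs whose neighbours differ by <= max_gap."""
    best = run = 1
    for prev, cur in zip(sorted_ids, sorted_ids[1:]):
        run = run + 1 if cur - prev <= max_gap else 1
        best = max(best, run)
    return best


def find_enumerators(log, max_distinct=3):
    """Flag clients that looked up more than max_distinct different ICC-IDs."""
    asked = defaultdict(set)      # client -> every ICC-ID it asked about
    answered = defaultdict(set)   # client -> ICC-IDs answered with 200 (assumed: data returned)
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines in another format
        ip, iccid, status = m.group(1), int(m.group(2)), int(m.group(3))
        asked[ip].add(iccid)
        if status == 200:
            answered[ip].add(iccid)
    return {
        ip: {"distinct": len(ids),
             "longest_run": longest_run(sorted(ids)),
             "disclosed": len(answered[ip])}
        for ip, ids in asked.items() if len(ids) > max_distinct
    }


if __name__ == "__main__":
    for client, stats in find_enumerators(SAMPLE_LOG).items():
        print(client, stats)
```

The `disclosed` count is what an incident responder would use to size the exposure per client; every request in the sample carries the same iPad user agent, which is why the user agent is ignored as a signal.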

Beyond the obvious privacy implications of having personal email addresses exposed, the ramifications of the breach are unclear. Those who discovered the breach claim the information might be usable to spoof devices or intercept data, but other security researchers do not believe that to be possible. AT&T and Apple have yet to comment on the situation.

Top Rated Comments


26 months ago


Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the wireless-enabled tablet—could be vulnerable to spam marketing and malicious hacking.

The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised.

It doesn't stop there. According to the data we were given by the web security group that exploited vulnerabilities on the AT&T network, we believe 114,000 user accounts have been compromised, although it's possible that confidential information about every iPad 3G owner in the U.S. has been exposed.

The specific information exposed in the breach included subscribers' email addresses, coupled with an associated ID used to authenticate the subscriber on AT&T's network, known as the ICC-ID. ICC-ID stands for integrated circuit card identifier and is used to identify the SIM cards that associate a mobile device with a particular subscriber.




http://gawker.com/5559346/
Rating: 0 Positives / 0 Negatives
26 months ago
Just saw this on drudge report
Rating: 0 Positives / 0 Negatives
26 months ago

http://gawker.com/5559346/


Didn't they wipe it though?
Rating: 0 Positives / 0 Negatives
26 months ago
Nice title, given that it was AT&T's security hole that got exploited.
Rating: 0 Positives / 0 Negatives
26 months ago

http://gawker.com/5559346/


Funny how you didn't include this quote from the article...

AT&T closed the security hole in recent days, but the victims have been unaware, until now. For a device that has been shipping for barely two months, and in its wireless configuration for barely one, the compromise is a rattling development. The slip up appears to be AT&T's fault at the moment, and it will complicate the company's already fraught relationship with Apple. But it will also likely unnerve customers thinking of buying iPads that connect to AT&T's cellular network.


So how is this "Apple's Worst Security Breach"? Short answer...it isn't. Gawker is clearly running a misleading title in a nakedly obvious attempt to get some revenge on the company who has been giving them the cold shoulder since Gizmodo's little purchase of some stolen property.
Rating: 0 Positives / 0 Negatives
26 months ago

Nice title, given that it was AT&T's security hole that got exploited.


Indeed.. It was the monkey not the organ grinder's fault.
Rating: 0 Positives / 0 Negatives
26 months ago

Didn't they wipe it though?


Wipe what exactly? The security hole was closed now but the users have been compromised already. You can't "un-expose" an email once it is known. I am betting the list is floating somewhere underground.
Rating: 0 Positives / 0 Negatives
26 months ago
Hey Steve...how's that AT&T exclusivity deal working out for ya?
Rating: 0 Positives / 0 Negatives
26 months ago
Ouch!

Is there really anything that can be done with this info? :( all I can think of is a spamfest on the email accounts.
Rating: 0 Positives / 0 Negatives
26 months ago
Oh this is very bad. One more reason to hate those morons at AT&T. (like we needed any more reasons!)
Rating: 0 Positives / 0 Negatives
