New York Attorney General Letitia James and Governor Andrew Cuomo are investigating the FaceTime eavesdropping bug on iOS devices that allowed a person to FaceTime another person and hear conversations and see videos even when the call was not answered.
According to Bloomberg, the New York officials will be focusing on Apple's failure to warn consumers about the bug and its slow response.
The FaceTime eavesdropping bug was widely publicized on Monday, and several hours after information on how to execute the exploit spread, Apple disabled the Group FaceTime servers.
"This FaceTime breach is a serious threat to the security and privacy of the millions of New Yorkers who have put their trust in Apple and its products over the years," James said in the statement on Wednesday.
"We need a full accounting of the facts to confirm businesses are abiding by New York consumer protection laws and to help make sure this type of privacy breach does not happen again," Cuomo said in the statement.
Apple is planning to release a software fix that will solve the bug and will allow the company to bring Group FaceTime back online. That update is expected sometime this week.
While the glitch was not widely known until Monday afternoon, Apple was informed about the bug more than a week prior. The person who contacted Apple said that Apple did not respond to multiple attempts to notify the company about the issue.
It's not entirely clear if Apple knew about the bug and was working on a fix internally at the time that it became widespread, but if so, Apple certainly left it functional and did not move to disable Group FaceTime until forced to do so. For that reason, it's not known how long the bug has been present in iOS and how long people may have been quietly exploiting it.
In addition to the inquiry from New York officials, Apple is also facing a lawsuit over the issue. Yesterday, an attorney said the FaceTime bug allowed an unknown person to listen in on sworn testimony during a client deposition.
Top Rated Comments
I’m not sure I’m a fan of Apple anymore.
;):p
All these in-depth investigations and lawsuits related to security/privacy bugs seem to target Apple, yet flagrant and deliberate privacy violations seem to almost go unchecked or dismissed.
Regardless, it’s not the first time this has happened where media attention seems to “resolve” an Apple bug faster than a bug report does (Calculator iOS app being a prime example). Hopefully this will finally kick Apple into gear with rethinking how they address bugs logged and keep communication between their teams.