The Inquirer-Home

Ipad users exposed by AT&T security breach

They're phishing targets now
Thu Jun 10 2010, 08:58

US MOBILE NETWORK AT&T has admitted that a security blunder in its system exposed the email addresses of apparently more than 100,000 users of Apple's Ipad.

The security breach could make shedloads of Ipad users vulnerable to attack. The disclosure of private data only affected iPad users who signed up for AT&T's 3G wireless Internet service.

The problem was caused by Ipad punters having to sign up to AT&T's mobile network service. An AT&T website gathered users' email addresses to enable them to login, based on unique codes contained in the SIM cards.

However a hacker group, Goatse Security discovered a weakness and managed to trick AT&T's website into coughing up more than 114,000 e-mail addresses. Some of the email addresses included famous media personalities and government officials.

Goatse Security told the Associated Press that the group contacted AT&T and waited until the vulnerability was fixed before going public with the information.

AT&T denies this and said that the problem was fixed after it had a call from a business customer. It said it will notify all Ipad users whose e-mail addresses may have been accessed.

The hack does cause some problems for Apple and its Ipad. Although the hackers only got a person's email address, they know that the person receiving the email is an Ipad user and an AT&T customer and would expect to receive email from Apple and AT&T about their accounts.

This means that hackers might be able to trick users into opening emails that plant tailor made malicious software on their Ipads.

Apple has refused to comment, effectively implying that it is all AT&T's problem. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Coding challenges

Who’s responsible for software errors?