Thursday, June 10, 2010

Another black eye for AT&T as security breach reveals the e-mail addresses of over 100,000 iPad 3G customers

Another reason to dump AT&T: a security breach at the mobile carrier that reveals the e-mail addresses of early purchasers of the Apple iPad was discovered by Goatse Security a group that specializes in exposing security vulnerabilities. Originally reported by Gawker, who rather cynically put the blame on Apple, the data is actually the responsibility of AT&T.

(Gawker, and its site Gizmodo, if you recall, had a bit of a run-in with Apple over the new iPhone 4. Placing the blame of a security leak at AT&T is an amazing case of immaturity and journalistic incompetence. ZDNet does a better job with the story, following up with AT&T and getting their reactions.)

The issue involves the 3G model of the iPad only and involves exposure of customer iPad ICC IDS, revealing the e-mail addresses of the owner. Since only 3G models interface with AT&T owners of Wi-Fi only models are not effected.