6/10/2010

AT&T security hole exposes iPad users’ e-mails

Filed under: — Aviran Mordo

AT&T Inc. on Wednesday acknowledged a security weak spot that exposed the e-mail addresses of apparently more than 100,000 users of Apple Inc.’s iPad, a breach that could make those people vulnerable to precision-targeted hacking attacks.

The vulnerability only affected iPad users who signed up for AT&T’s “3G” wireless Internet service.

It involved an insecure way that AT&T’s website would prompt iPad users when they tried to log into their AT&T accounts through the devices. The site would supply users’ e-mail addresses, to make log-ins easier, based on unique codes contained in the SIM cards inside their iPads. SIM cards are used to tell cell-phone networks which subscriber is trying to use the service.

The hacker group that claims to have discovered the weakness - the group calls itself Goatse Security - said it was able to trick AT&T’s site into coughing up more than 114,000 e-mail addresses, including those apparently of famous media personalities and important government officials.

Powered by WordPress