Wednesday, June 09, 2010

AT&T Confirms iPad User Info Exposed

According to Gawker, the email addresses of over 114,000 iPad 3G owners were accidentally exposed over AT&T's network. The hackers were able to gather the email addresses of every AT&T customer who purchased an iPad 3G before Monday, June 7, 2010.

The specific information exposed in the breach included subscribers' email addresses, coupled with an authentication ID used to authenticate the subscriber on AT&T's network, known as the ICC-ID. ICC-ID stands for integrated circuit card identifier and is used to identify the SIM cards that associate a mobile device with a particular subscriber.

AT&T was already aware of the breach and had closed the security hole, but the victims were unaware until the news was leaked via Gawker. “The issue has escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses,” AT&T said in a statement.

AT&T spokesman Mark Siegel confirmed the breach to CNET stating "AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device. We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained," he said. "At this point, there is no evidence that any other customer information was shared."

The subscriber data was obtained by a group calling itself Goatse Security.

Goatse Security obtained its data through a script on AT&T's website, accessible to anyone on the internet. When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application. The security researchers were able to guess a large section of ICC-IDs by looking at known iPad 3G ICC-IDs, either their own or some of those unwittingly posted on the internet.
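The flaw described above, seen from the server side, as an added example that is not AT&T's code or part of the original post: a lookup keyed only on the ICC-ID, the same lookup bound to the caller's session, and a log check for clients asking about many different ICC-IDs. All function names, the session store, the threshold and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: ICC-IDs, addresses and tokens are placeholders.
SUBSCRIBERS = {
    "89000000000000000001": "alice@example.com",
    "89000000000000000002": "bob@example.com",
    "89000000000000000003": "carol@example.com",
}
# Hypothetical session store: token -> ICC-ID the server bound at sign-in.
SESSIONS = {"tok-alice": "89000000000000000001"}

def lookup_vulnerable(iccid):
    """Behaviour the article describes: any caller, any ICC-ID, e-mail returned."""
    return SUBSCRIBERS.get(iccid)

def lookup_hardened(session_token, iccid):
    """Return the e-mail only to the session that owns this ICC-ID."""
    owner = SESSIONS.get(session_token)
    if owner is None or owner != iccid:
        return None  # identical answer for no session, wrong owner, unknown ID
    return SUBSCRIBERS.get(iccid)

def flagged_clients(requests, max_distinct=2):
    """Return client IPs that queried more distinct ICC-IDs than max_distinct."""
    # One device owner needs one ICC-ID; many distinct values from a single
    # client is the guessing pattern the article describes.
    seen = defaultdict(set)
    flagged = set()
    for client_ip, iccid in requests:
        seen[client_ip].add(iccid)
        if len(seen[client_ip]) > max_distinct:
            flagged.add(client_ip)
    return sorted(flagged)

# Constructed request log: (client IP, ICC-ID parameter).
SAMPLE_REQUESTS = [
    ("198.51.100.7", "89000000000000000001"),
    ("198.51.100.7", "89000000000000000001"),
    ("203.0.113.5", "89000000000000000001"),
    ("203.0.113.5", "89000000000000000002"),
    ("203.0.113.5", "89000000000000000003"),
]

if __name__ == "__main__":
    print(lookup_hardened("tok-alice", "89000000000000000002"))
    print(flagged_clients(SAMPLE_REQUESTS))
```

The hardened lookup treats the ICC-ID as an identifier, not a credential: knowing or guessing one is no longer enough to read the address attached to it.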

According to the Gawker article, there were some rather big names whose addresses were leaked and may now be vulnerable. Among those are several military-based email addresses from all branches of the military, NASA, the Department of Homeland Security and several devices registered to the domain of DARPA, the advanced research division of the Department of Defense. There are also several major names in the tech sector, finance and media.

While there may not be much information leaked and hackers may not be able to do much with what little was leaked, the fact that the info and email addresses are out in the wild might be a reason for concern. I'm sure they all have security measures in place to avoid phishing scams, spam and/or other malicious emails, but that doesn't mean hackers won't be trying, and we all know it doesn't take much to slip something by.
