Valleywag has exposed a security issue with the iPad 3G that has left 114,000 iPad owners had their information compromised due to a security hole that has now been closed by AT&T. The flaw exposed subscribers’ email addresses and network ID known as the ICC-ID used to connect to AT&T’s network. The ICC-ID identifies the microSIM card with the subscriber.
The group of exposed owners include some well known celebrities and politicians including Diane Sawyer of ABC News, NYC Mayor Michael Bloomberg and White House Chief of Staff Rahm Emanuel. The subscriber data was obtained by Goatse Security, a group that has previously highlighted security issues in both Safari and Firefox. The group obtained the addresses by running a script on AT&T’s website. Shortly thereafter, they notified AT&T. Here’s AT&T’s official response:
“AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.
This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.
The person or group who discovered this gap did not contact AT&T.
We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained.
We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.”
via Valleywag
Written By