Responsibility can be shared between Apple and AT&T for a security breach that will have exposed email address information for more than 100,000 iPad tablet users. The FBI is already investigating.
The flaw was identified by the Goatse Security group, which belongs to GNAA (North American association of gays and blacks). The hackers will have resorted to a PHP script to collect data on the operator’s website, gaining access to email addresses after having been able to guess the names of iPad owners, which allowed them to discover the identity of the SIM cards, as explained on the website .
The authenticity of the information was verified by sending two of the listed owners the ICC ID information (the SIM card identification circuit) contained in the document – which is associated with the iPad 3G account.
Among the 114,000 identified names are top executives from various companies but also from the government and even the military. The information was initially revealed through GAWKER, which published extracts from the email lists we reproduced below and the image we used as a highlight, with the word iLeak.
Goatse Security has notified AT&T of the identified flaw and the process used and the issue will have been resolved quickly. However, AT&T has already recognized the security problem and the FBI has decided to open an investigation, although it is only at the beginning and there are no developments yet.
In the information revealed, the group points the blame for this security breach to AT&T, but does not leave out Apple, mainly because it is this company that is responsible for protecting its customers’ data, but also for limiting network connection options. 3G to the North American operator.
The group had previously gotten media attention when it discovered security flaws in Safari and Firefox browsers, in addition to identifying flaws in Amazon’s rating system.