By now many of you have heard that the Apple iPad has had a serious security leak, leading to the hacking of 114,000 email addresses off the AT&T website.
The hack was exposed by a group of “security analysts” called Goats/e, whose website carries a French URL.
The breach was first reported by Gawker.
But the reason behind the vulnerability was very interesting.
The Wall Street Journal reports — and AT&T’s head of security confirms (I bet he is feeling the heat today) — that the hack was obtained because of a convenience factor.
To help you buy more data for that data hog you have, they preloaded the email addresses as a way to identify you on the AT&T website.
As I understand it, the problem was related to early adopters of the 3G version of the iPad, and anyone who has no dealings with AT&T was not affected.
Among the high-profile early adopters, White House Chief of Staff Rham Emanuel was among the early adopters, and his name was included among the leaked email addresses.
So the preloaded email addresses would enable those of you who needed to buy more data for your data plan to easily do this online.
And quickly because your data were easily stored in the open as part of the sign-in process.
This is amazing for those of us who have AT&T accounts and have to wrestle with an unfriendly website.
The reason behind the lack of tight security seems to be enough to have the FBI open a formal investigation into the breach.
Hmmm, red faces in Redmond Town Center today I think.
Related posts:
About Timothy O'Neil-Dunne
[...] This post was mentioned on Twitter by Dennis Schaal, Social Mapping. Social Mapping said: iProblem was AT&T flaw — Feds open iPad security breach investigation http://ff.im/-lPUEy [...]