Wednesday, June 9, 2010

New York Times Reports That Apple Carrier Exposed Email Addresses of 114,000 iPad 3G Owners Including Media, Government, and Finance A-Listers

By Stephen Windwalker, editor of Planet iPad
Copyright © 2010 Planet iPad

Oh dear, it appears that AT&T is working on some new definitions of "magical" and "revolutionary."

The New York Times' Nick Bilton is reporting breaking news that AT&T has acknowledged that it learned two days ago that it exposed the email addresses of 114,000 of its iPad 3G owners to hackers. 

It is not known when AT&T informed Apple of the massive security breach, or if Apple CEO Steven Jobs was aware of the issue when he made an upbeat presentation about the iPad Monday at Apple's 2010 Worldwide Developers Conference.

The Times report draws on information developed originally by Gawker, which revealed that the list of compromised accounts includes "includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg."

Gawker's report also said:
Within the tech industry, accounts were compromised at Google, Amazon, Microsoft and AOL, among others. In finance, accounts belonged to companies from Goldman Sachs to JP Morgan to Citigroup to Morgan Stanley, along with dozens of venture capital and private equity firms.
In government, affected accounts included a GMail user who appears to be Rahm Emanuel and staffers in the Senate, House of Representatives, Department of Justice, NASA, Department of Homeland Security, FAA, FCC, and National Institute of Health, among others. Dozens of employees of the federal court system also appeared on the list.
Although Apple has apparently stayed mum on the subject, the Times reported the following response from AT&T:
AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.
This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.
The person or group who discovered this gap did not contact AT&T.
We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained.  At this point, there is no evidence that any other customer information was shared.
We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.
According to an update from Bilton, "The New York Times has emailed all staff suggesting they 'turn off your access to the 3G network on your iPad until further notice' while the newspaper's engineers and security staff investigate the issue."

No comments:

Post a Comment