SAN FRANCISCO — AT&T Inc. on Wednesday acknowledged a security weak spot that exposed the e-mail addresses of apparently more than 100,000 users of Apple Inc.’s iPad, a breach that could make those people vulnerable to precision-targeted hacking attacks.
The vulnerability only affected iPad users who signed up for AT&T’s “3G” wireless Internet service.
It involved an insecure way that AT&T’s website would prompt iPad users when they tried to log into their AT&T accounts through the devices. The site would supply users’ e-mail addresses, to make log-ins easier, based on unique codes contained in the SIM cards inside their iPads. SIM cards are used to tell cell-phone networks which subscriber is trying to use the service.
The hacker group that claims to have discovered the weakness — the group calls itself Goatse Security — said it was able to trick AT&T’s site into coughing up more than 114,000 e-mail addresses, including those apparently of famous media personalities and important government officials.
A representative for the group told The Associated Press late Wednesday that the group contacted AT&T and waited until the vulnerability was fixed before going public with the information. AT&T said the problem was fixed Tuesday but that it was alerted to it by a business customer.
Gawker Media Inc.’s Valleywag website earlier reported on the breach.
AT&T said it will notify all iPad users whose e-mail addresses may have been accessed.
“We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted,” the company said in a statement.
AT&T noted that the only information hackers would have been able to steal using this attack was users’ e-mail addresses. But that can be enough to launch a highly effective attack, since the attacker also knows that the person receiving the e-mail is an iPad user and an AT&T customer and would expect to receive e-mail from Apple and AT&T about their accounts. Criminals could use that knowledge to trick them into opening e-mails that plant malicious software on their computers.
An Apple representative deferred requests for comment to AT&T.
Apple has sold more than 2 million iPads since they went on sale two months ago. The iPad comes in two different flavors — one that only connects to the Internet via Wi-Fi, and another that also can connect through AT&T’s “3G” cellular network. The Wi-Fi-only models aren’t affected by the breach. Apple hasn’t specified how many of each model it has sold.