Apple’s exclusive U.S. carrier, AT&T, has admitted that it had inadvertently exposed thousands of iPad users’ e-mail addresses — a fact revealed by a security researcher.
The end result of the security lapse? More than 114,000 users’ e-mail addresses were made available, including those of some big names in politics, the media and the military. It’s a black eye for the second-largest U.S. carrier, which has also been struggling with network-congestion issues that have plagued Apple’s earlier iPhone products. eSecurity Planet takes a look at AT&T’s response and what exactly went wrong.
AT&T now says it has “turned off the feature” that made it possible for an independent security watchdog group to easily penetrate the telco’s data networks to access the e-mail addresses of more than 114,000 Apple iPad 3G owners, including some of the biggest names in media, the military and politics.
The security gaffe, first reported by Gawker, allowed representatives from Goatse Security to uncover subscribers’ e-mail addresses and match them with an associated ID used to authenticate the subscriber on AT&T’s network, known as the ICC-ID.