×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ATT Leaks emails addresses of 114,000 iPad Users

pickens (49171) writes | more than 3 years ago

Security 0

Hugh Pickens writes "Daily Tech reports that in what is one of the biggest leaks of email addresses in recent history, a group called Goatse Security has published the personal email addresses of 114,067 iPad 3G purchasers in what appears to be a legal fashion by querying a public interface that AT&T accidentally left exposed. Apparently AT&T left a script on their public website, which when handed an ICC-ID would respond back with the email address of the subscriber. This apparently was intended for an AJAX-style response inside AT&T's web apps. Gawker reports that it's possible that confidential information about every iPad 3G owner in the U.S. has been exposed. "This is going to hurt the telecommunications company's already poor image with iPhone and iPad customers, and complicate its very profitable relationship with Apple," writes Ryan Tate adding that the leak is likely unnerve customers thinking of buying iPads that connect to AT&T's cellular network. "Although the security vulnerability was confined to AT&T servers, Apple bears responsibility for ensuring the privacy of its users, who must provide the company with their email addresses to activate their iPads." In a statement, AT&T says that the issue was escalated to the highest levels of the company and that they have essentially turned off the feature that provided the e-mail addresses. "We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained," says AT&T. "We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted.""

0 comment

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...