A security hole on AT&T’s website has led to the exposure of email addresses and SIM ICC-ID numbers for 114,000 iPad with Wi-Fi + 3G users. Gawker reports that a security company known as Goatse Security discovered a script on AT&T’s website, accessible by the public, through which it obtained the data. While the security group did notify AT&T of the breach, and the company subsequently closed the security hole, the group admits it shared the PHP script it used to harvest the data with several third-parties prior to AT&T’s action, meaning that the accounts of all 114,000 known users, and possibly more, have potentially been compromised. Included in the breach were the email addresses and ICC-ID numbers of a number of high-ups in the media, tech, and financial industries, as well as a number of senior government officials, allegedly including White House Chief of Staff Rahm Emanuel. Despite the leak, a notable security expert at the University of Virginia told Gawker the exposure of ICC-ID information “has no direct security consequences.” AT&T and Apple have yet to comment on the matter.
AT&T exposes emails, SIM IDs of 114,000 iPad 3G users
Charles Starrett was a senior editor at iLounge. He's been covering the iPod, iPhone, and iPad since their inception. He has written numerous articles and reviews, and his work has been featured in multiple publications.