AT&T security breach puts data of 114,000 iPad users in Gawker's hands

A hacker group has exposed an iPad security breach and put the private details of about 114,000 early adopters of the Apple product in Gawker’s hands. The list included people like The New York Times’ chief executive Janet Robinson and White House Chief of Staff Rahm Emanuel.

The group, which calls itself Goatse Security and has pointed out vulnerabilities in the Firefox and Safari browsers before, got the data through a script on AT&T’s website. The script would return an e-mail address associated with a numerical iPad ID, which Goatse hackers guessed for thousands of accounts.

Gawker tested the data by contacting some of the people on the list and verifying their iPad IDs and e-mail addresses. The list they received also included many military accounts, pictured below.

[Update: AT&T said the loophole was closed after the company was informed by one of its business customers about the issue, not a member of a hacker group. It added that the only information that could have possibly been exposed was a person's e-mail address.

"This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses," a company spokesperson said.]

For more detail on how it worked, check out Gawker’s coverage here.

[Photo: plasmastik]


VentureBeat is studying the state of marketing technology. Chime in, and we’ll share the data.