FBI investigating iPad breach

By on
FBI investigating iPad breach

The FBI has confirmed it is investigating the iPad security breach that led to the collection of the email addresses of over 114,000 users.

Yesterday Goatse Security announced that it had exploited a flaw in AT&T's security protocols that allowed them to harvest data on 114,067 iPad 3G owners. These included the White House chief of staff, New York major Michael Bloomberg and numerous senior people in the military, media and commerce.

"The FBI is aware of these possible computer intrusions and has opened an investigation," Katherine Schweit, an FBI spokeswoman, told the Wall Street Journal.

Ms. Schweit said the FBI opened the investigation today but it will not comment on what it is looking at. "It's very early in the investigation," she said.

Meanwhile security researchers at Praetorian Prefect have published the full exploit code used in the attack. The flaw is a simple one they said, which required no actual hacking.

“An e-mail address gets returned in the successful iterations (active ICCID) and parsed,” said the company in a blog posting.

“There’s no hack, no infiltration, and no breach, just a really poorly designed web application that returns e-mail address when ICCID is passed to it.”

AT&T said in a statement that the function on its web site that allowed the emails to vbe collected had now been altered to fix the problem.

“This issue was escalated to the highest levels of the company and was corrected by Tuesday, and we have essentially turned off the feature that provided the e-mail addresses,” AT&T said in a statement.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
breach email fbi investigation ipad security

Partner Content

Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes

Sponsored Whitepapers

F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
F5’s 2025 Report: Unlocking AI Success by Conquering App & API Complexity
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Driving Innovation and Sustainability through Hybrid IT and AI Solutions
Easing the burden of Microsoft CSP management
Easing the burden of Microsoft CSP management
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan

Events

techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025
techpartner.news Benchmark Security Awards 2025
techpartner.news Benchmark Security Awards 2025

Most read articles

NEXTGEN "realigns" structure

NEXTGEN "realigns" structure
The Aussie startup building an integration platform for MSPs and SIs

The Aussie startup building an integration platform for MSPs and SIs
Atturra's FY25 revenue to exceed $300m

Atturra's FY25 revenue to exceed $300m
[Opinion] It's time to rethink the MSP machine

[Opinion] It's time to rethink the MSP machine

Log in

Email:
Password:
  |  Forgot your password?