Apple iPad users' e-mail addresses harvested by hackers

Michael Bloomberg, New York Mayor Will New York Mayor Michael Bloomberg be concerned about his email address being revealed?

Related Stories

The US telephone company AT&T has blocked access to a website feature that revealed details of at least 114,000 iPad users' e-mail addresses.

Contact details for a range of high-profile figures, including White House Chief of Staff Rahm Emanuel are believed to be among those disclosed.

Hackers calling themselves Goatse Security revealed the flaw and shared the data with Gawker Media.

Experts played down the risks, saying little critical data had been lost.

AT&T, which is the only network offering iPad 3G services in the United States, said it would notify all iPad users whose e-mail adresses may have been accessed.

Start Quote

Whilst this breach is serious for having occurred, there does not seem to be any national security risk arising as a result”

End Quote Paul Ducklin Sophos

"We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted," the company said in a statement.

The vulnerability only involved iPad users who had signed up for AT&T's 3G wireless service. iPad users outside of the US were unaffected.

Site bombarded

The breach involved a feature of AT&T's website, which would prompt users when they tried to log in to their AT&T accounts through their iPad.

The site would supply e-mail addresses for users, to enable easier log-in, based on a unique code stored in their iPad SIM card.

The hacker group which claims to have discovered the flaw simply bombarded the site with thousands of requests with made up codes, masquerading as valid requests from iPads.

Gawker Media, which has seen the list of e-mail addresses said it "includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg".

A representative for Goatse Security told the Associated Press that the group contacted AT&T and waited until the vulnerability was fixed before going public.

But AT&T said that it was alerted to the problem by a business customer.

Risk of attack

One concern raised by security experts is that cybercriminals might mount so-called phishing attacks.

They could theoretically create genuine-looking e-mails in the knowledge that individuals are iPad users and customers of AT&T, thereby tricking some into revealing further more useful confidential details.

But if you know the organisation somebody works for, e-mail addresses are often also quite easy to guess, so the value of the e-mail address data has been questioned.

Paul Ducklin, a technology expert from security firm Sophos, also pointed out in a blog entry: "Your e-mail address is revealed on the internet every time you use it to send e-mail.

"Whilst this breach is serious for having occurred, there does not seem to be any national security risk arising as a result, whether White House staffers were involved or not."

More on This Story

Related Stories

FROM OTHER NEWS SITES
Telegraph FBI to investigate AT&T iPad data breach - 5 hrs ago
Sky News FBI Examines iPad Cyber Threat - 5 hrs ago
Yahoo! UK and Ireland FBI Investigates iPad Cyber Security Breach - 7 hrs ago
CNET News What the AT&T breach means for iPad users (FAQ) - 10 hrs ago
Reuters UK UPDATE 2-FBI begins probe into AT&T iPad security breach - 10 hrs ago

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

  • Prostitute in red light district in Seoul, South KoreaSex for soldiers

    How Korea helped prostitutes work near US military bases


  • LuckyDumped

    The rubbish collector left on the scrap heap as his city cleans up


  • Jamal Bryant'Buying black'

    Ferguson campaign targets Black Friday


  • Walmart employees and supporters block off a major intersection near the Walton Family Foundation to stage a protest calling for $15 an hour and consistent full-time work in downtown Washington October 16, 2014. Black mark

    Wal-Mart workers revolt against the annual shopping bonanza


Elsewhere on the BBC

  • UnderwaterHidden depths

    How do you explore the bottom of the ocean? BBC Future finds out

Programmes

  • All-inclusive holidaysThe Travel Show Watch

    With all-inclusive holidays seeing a resurgence are local trades missing out to big resorts?

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.