[ISN] AT&T e-mail apologizes for iPad breach

From: InfoSec News <alerts_at_private>
Date: Mon, 14 Jun 2010 00:27:37 -0500 (CDT)
http://news.cnet.com/8301-1009_3-20007564-83.html

By Steven Musil
Security
CNet News
June 13, 2010

AT&T sent an e-mail to iPad owners Sunday explaining a security breach 
that occurred on its site and laying much of the blame with the group 
that discovered the hole.

The e-mail, which was signed by AT&T Chief Privacy Officer Dorothy 
Attwood, blamed "self-described hackers" for uncovering a hole in the 
company's Web site that allowed for the exposure of 114,000 e-mail 
addresses belonging to iPad owners, according to a copy posted on Boy 
Genius Report. Among the iPad users who appeared to have been affected 
were White House Chief of Staff Rahm Emanuel, journalist Diane Sawyer, 
New York Mayor Michael Bloomberg, movie producer Harvey Weinstein, and 
New York Times CEO Janet Robinson.

In the e-mail explaining how the breach occurred, Attwood apologized for 
the breach and said "unauthorized computer 'hackers' maliciously 
exploited a function designed to make your iPad log-in process faster by 
pre-populating an AT&T authentication page with the email address you 
used to register your iPad for 3G service":

[...]


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com
Received on Sun Jun 13 2010 - 22:27:37 PDT

This archive was generated by hypermail 2.2.0 : Sun Jun 13 2010 - 22:32:39 PDT