Thousands of iPad users have email addresses exposed in hacking attack

June10

The Daily Mail reports that the email addresses of more than 114,000 Apple iPad users have been exposed in a targeted hacking attack in the US. The massive security breach leaves all of those affected open to spam and malicious hacking.

The vulnerability affected only iPad users who signed up for AT&T’s 3G wireless internet service. A hacker group that calls itself Goatse Security claims to have discovered the weakness by tricking AT&T’s site into giving up the email addresses.

iPad users in the UK will not have been exposed as the breach was an issue with AT&T’s security procedures rather than with Apple itself.

AT&T admitted today that a security weak spot involved an insecure way its website would prompt users when they tried to log into their AT&T accounts through their iPad. The site would supply users’ email addresses to make log-ins easier, based on unique codes contained in the SIM cards inside their iPads.

White House Chief of Staff Rahm Emanuel and New York Mayor Michael Bloomberg were among those listed. The emails of CEOs and executives of companies like The New York Times, Time Inc. and Dow Jones as well as senior military personnel were also compromised. The list was passed to Gawker’s Valleywag technology website.

Gawker is part of the same group as Gizmodo, which has been in a running battle with Apple over the past few months after it picked up a prototype iPhone 4 which had been left in a bar by a member of Apple’s staff. A representative for the Goatse group said today they had contacted AT&T and waited until the vulnerability was fixed before going public with the information.

Even though only emails have been exposed they can still be used to launch an attack. Criminals could use that knowledge to trick them into opening emails that plant malicious software on their computers. Apple refused to comment on the breach.

The iPad comes in two different set-ups – one that only connects to the internet via wi-fi, and another that also can connect through AT&T’s 3G network. The wi-fi-only models are not affected by the breach.

Access the original article online at: http://www.dailymail.co.uk/sciencetech/article-1285505/Apple-iPad-security-breach-114-000-email-addresses-exposed.html#ixzz0qSk8ykY8

posted under Technology, cyber crime

Ringleader of child porn network used Facebook to distribute images
4:30 pm, August 27, 2010

Mothers’ group outraged after their Facebook campaign to expose paedophiles is removed
9:30 am, August 27, 2010

Cigarette firms ‘are using product placement on web’
4:30 pm, August 26, 2010

Teenage murders linked to ‘Facebook hitlist’
11:13 am, August 26, 2010

California looks to outlaw online impersonation
4:30 pm, August 25, 2010

Web scam hits iTunes and Paypal users
10:47 am, August 25, 2010

No sympathy for those who traffic child porn
4:00 pm, August 24, 2010

One in 20 people reprimanded for inappropriate emails
10:34 am, August 24, 2010

The facial recognition software that will put a name to every photograph in the internet
4:00 pm, August 23, 2010

How to create a ’super password’
11:23 am, August 23, 2010