AT&T says sorry for iPad security breach

AT&T has issued an official apology to 114,000 iPad users whose e-mail addresses were inadvertently leaked by the carrier.

As TG Daily previously reported, the e-mail addresses were obtained by a Goatse researcher who managed to exploit a critical security vulnerability on AT&T’s website.

“The hackers deliberately went to great efforts with a random program to extract the information,” Dorothy Attwood, AT&T’s chief privacy officer, explained in an e-mail to affected users.

“They then put together a list of these e-mails and distributed it for their own publicity. We apologize for the incident and any inconvenience it may have caused.”

However, Attwood emphasized that “no other information [had been] exposed.”

Meanwhile, Goatse continued to defend its action by claiming that all data had been gleaned from a public webserver with no password – which was accessible by anyone on the Internet.

“There was no breach, intrusion, or penetration, by any means of the word,”  the company insisted on its blog.

“The dataset was not disclosed until we verified the problem was fixed by the vendor. The only person to receive the dataset was Gawker journalist Ryan Tate who responsibly redacted it. Your iPads are safer now because of us.”

Nevertheless, the FBI has opened an investigation, while the Federal Communications Commission (FCC) expressed serious concern over the incident.”

“I am concerned about the report of a security breach to AT&T’s network that exposed the personal data of more than a hundred thousand iPad users,” Jamie Barnett, chief of the FCC’s public safety bureau, told the Washington Post.

“The FCC will continue to work with all stakeholders to prevent future security breaches that violate consumer privacy and undermine trust in America’s communications infrastructure.