Over 114 Thousand 3G iPad Owners’ Email Addresses Harvested – Is Spam The Worst Consequence For Users?

This won’t end well for anyone. Today Gawker revealed that a 4chan-esque group calling itself Goatse Security was able to skirt AT&T security (or lack of it) and obtain the email addresses of over 114,000 3G iPad users. And even though they informed AT&T of this security hole, still more addresses may have been compromised as the group shared the PHP script used to harvest the addresses with third parties beforehand. Even worse: AT&T didn’t tell iPad owners about this breach, even though they’ve known for a couple of days.

That’s the icing on FailCake.

The security hole is now closed, but much damage has been done. It unclear if the hackers behind Goatse Security had any intention of actually using the data, but the unnamed third-parties might. And if a group of people can find this relatively easy to exploit hole in AT&T’s fences, I wouldn’t blame users for having little confidence in their ability to protect data from hackers with more malicious intent.

Granted, the data collected by this exploit was just email addresses, not passwords or other sensitive information. But it seems a lot of government officials, military officers, and high-ranking business executives use the 3G iPad and now several people know that and have their addresses. I’d like to be able to ping Rahm Emanuel with some advice for the President at any time, but I doubt that he’d appreciate it.

The thing that strikes me is that many of the domains are clearly military and government — why are military and government officials using their work email addresses on the iPad? Isn’t there a lot of sensitive information that goes through those accounts? Considering the back and forth last year over whether the president could have a BlackBerry, I’m a little surprised that the iPad is considered secure enough for this. And hey, maybe it’s not.

The other bits of information revealed in this sweep are the ICC IDs of the iPad owners. From Gawker: “ICC-ID stands for integrated circuit card identifier and is used to identify the SIM cards that associate a mobile device with a particular subscriber.” Can having this ID give hackers access to the data transmitted over 3G? Security experts interviewed by Gawker say no, but I doubt that’s going to make 3G iPad owners rest any easier.

So far there’s been no word from Apple on this (AT&T responded to Gizmodo here), but it will be fun to guess who blames who in the coming days. And as Gizmodo’s John Herrman points out, the biggest thing you might have to worry about from this particular incident is more spam. (At least it’s likely to be targeted spam. Here’s a flood of iPad cases!) But this highlights a serious problem regarding security and customer privacy.

Skipping AT&T’s data plan and getting the Wi-Fi version iPad plus a MiFi or other mobile hotspot is looking better and better.

Image Credit: Gawker

Email* (will not be published)
*Indicates required field
Submit Comments

  1. get a laptop Says:

    Never know, when these hackers get into the databases. Every one would now make Goats responsible for the security carellessness.Compromising on few number of email-adressess is not a good idea too.

  2. Not Iphones? Says:

    Just wondering why the hackers didn’t also target Iphone user’s email addresses as theres a much larger number of potential victims there.

All Product Types Accessories Cars Digital Camcorders Digital Cameras eReaders GPS Laptops MP3 & Video Players Projectors Smartphones Software Storage Tablets / MIDs VoIP Wi-Fi
All Subcategories
All Subcategories All-Purpose Budget Business Desktop Replacement Gaming Multimedia Netbook Nettop Rugged Student Tablet PCs Ultraportable
Acer Alienware Apple Archos ASUS Averatec BenQ CTL Corp. Dell Digital Storm eMachines Emtec Everex Fujitsu GammaTech Gateway General Dynamics Getac Gigabyte Hercules HP HTC iBuyPower Intel Lenovo MSI Nokia Nvidia OCZ OLPC OQO Origin Panasonic Sager Samsung Sony Sylvania Systemax TabletKiosk Toshiba Verizon Viewsonic Viliv VooDoo Workhorse PC ZT Systems
Minimum Rating
Any Rating 4.5 Stars 4.0 Stars 3.5 Stars 3.0 Stars
Screen Size
10 11 12 13 14 15 16 17 18 20 4 5 6 7 8 9
1024x576 1024x600 1024x768 1200X800 1280 x 720 1280x1024 1280x768 1280x800 1366x678 1366x768 1440x1050 1440x900 1600x768 1600x900 1680x1050 1680x945 1920x1080 1920x1200 800x400 800x480
Weight Range
10.1 - 12.0 pounds 12.1 - 14.0 pounds 14.1 - 16.0 pounds 2 lbs 2 pounds and under 2+ lbs 2.1 - 4.0 pounds 4.1 - 6.0 pounds 6.1 - 8.0 pounds 8.1 - 10.0 pounds Over 16 pounds Under 2 pounds
more options