FBI starts probe into AT&T iPad security breach
Washington, June 11, 2010
The Federal Bureau of Investigation has opened a probe into a security breach of Apple's iPad that exposed personal information of AT&T customers, including those of several high-ranking government officials.
The breach, first reported by the website Gawker, occurred when a group calling itself Goatse Security hacked into AT&T's iPad subscriber data, obtaining a list of email addresses that also included celebrities, chief executives and politicians.
"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said on Thursday.
AT&T, which has exclusive US rights to carry the iPad and the popular iPhone, has acknowledged the security breach but said it had corrected the flaw and that only email addresses were exposed to hackers who identified a security weakness.
It declined to comment on the FBI investigation.
The quick FBI probe into the security flaw came amid reports of several high-ranking government officials on the list of iPad owners with compromised personal information.
In all, more than 100,000 email addresses are believed to have been exposed. Goatse could not immediately be reached for comment.
One source in the telecommunications industry said it was not surprising that the FBI was looking at the breach.
"If there's a high profile data compromise it's not unusual to get a phone call from government officials," said the executive, who asked not to be named.
The iPad, launched in April, has already sold more than 2 million units worldwide.
The iPad, launched in April, has already sold more than 2 million units worldwide. Buzz around the device - which alongside the iPhone will form a pivotal part of the company's international growth strategy - helped propel Apple past Microsoft Corp in May to become the world's most valuable technology stock.
But rivals from Dell to Hewlett-Packard Co are scrambling to get rival offerings onto the fledgling market, and the security breach could pose a potential embarrassment for Apple's 2-month-old device.
Security experts said it was unlikely that other information besides email addresses had been compromised.
Charlie Miller, an analyst with Independent Security Evaluators, argued that the breach had nothing to do the iPad's security.
"The actual vulnerability is pretty basic, but the loss of data is not serious, in my opinion. The data on the iPad and the devices themselves were never compromised or vulnerable," Miller said via e-mail.
George Kurtz, chief technology officer for security software company McAfee, also downplayed the severity of the breach.
"I would guess that this application vulnerability gained so much attention because, after all, it is Apple we are talking about," Kurtz wrote in a blog post.
"The hype around Apple products - like the new iPhone and iPad - is amazing. However, the reality is this type of vulnerability isn't really news and happens all day long."
But the security gaffe isn't likely help AT&T win any friends among Apple customers. The carrier has been criticized by iPhone users for the quality its network.
Still, few people thought the security snafu would hurt AT&T's relationship with Apple.
"Everybody realizes security is an issue all companies have to deal with," BTIG analyst Walter Piecyk said. "Apple has endured the reputation of AT&T's network, which seems to be a much bigger deal."-Reuters