Skip to main content

FBI investigating AT&T iPad data hack

The FBI has opened an investigation into a leak from and AT&T web site which exposed the e-mail addresses of 114,000 iPad users.

The Feds are currently trying to work out whether a group of hackers going under the name of Goatse (please don't Google this unless you have a very strong stomach) had broken any laws by probing the AT&T servers with automated requests for ICC-ID numbers using a PHP script.

According to the US telecoms giant, the script exploited a feature on the Web site designed to auto-fill a login form with an e-mail address in order to speed things up when iPad 3G users went to view their AT&T accounts.

Goatse responded to accusations that the group had acted irresponsibly by saying: "The Goatse Security analyst responsible for the discovery personally verified this hole was closed Tuesday and no longer a threat to the public before we went to Gawker with the dataset and attack details."

The outfit also denied doinng anything illegal, stating: "All data was gathered from a public web server with no password, accessible by anyone on the Internet. There was no breach, intrusion, or penetration, by any means of the word."

It has also been suggested that Gawker, which cynically tried to blame Apple for the breach, had paid Goatse large sums of cash for the revelation, an accusation which the group refutes: "I’ve also heard the insinuation in a lot of Internet comments that Gawker paid us for this scoop," said a spokesgoat. "This is positively false. None of us made any money off of this disclosure. We did it in public interests. Seriously, we are not poor and do not need handouts from blogging companies."

The hole in AT&T's web site was quickly plugged and that data has been destroyed, according to all parties involved.