US telecoms giant AT&T is in another pickle after yesterday's rush to pre-order Apple's latest iPhone descended into chaos.
Gizmodo has heard from an AT&T insider who says that the debacle was caused by a mjor security update which went horribly wrong.
The whistle-blowing employee, who works at the telco's ordering facility, says: "Over the weekend there was a major fraud update that went down on all of AT&T's systems, from Saturday overnight to Sunday early morning. All systems were down and agents were unable to use any systems."
It's not known whether the security panic was prompted by the recent attack on the company's servers by hacking group Goatse, but it's an easy assumption to make, given the botched nature of the update.
"There was absolutely no testing of this system done before the launch of the new iPhone," said the insider, "I know it's just heresay (sic) at this point, but I can confirm that there was a major outage over the weekend that impacted all ordering systems and programs, and I can confirm that there were multiple systems being upgraded/updated, with some updates being related to fraud."
People logging in to their AT&T accounts were shocked to find that they were confronted with account details for other people. Since the story broke, multiple users have contacted Gizmodo with tales of breached security, one correspondent even being given the details of an official US Air Force account.
AT&T has insisted that it was not able to replicate the flaw, but was sure that no call records, social security numbers or credit card details were exposed.
Quite how the company knows what information was exposed without being able to replicate the flaw is beyond us.
AT&T has an exclusive contract with Apple in the USA to provide airtime contracts for it's iDevices. We're not sure how long that will remain the case as its pretty certain that securing customer details will part of AT&T's contractual obligation with the Cupertino cabal.
The folks at Verizon must be rubbing their hands together gleefully.