Apple’s iPad + AT&T = Security Breach

Own a 3G-enabled iPad? Your personal data may have been exposed in one of the first kerfuffles to erupt over Apple’s beloved iPad tablet. WiFi-only users? You’re safe for now.

But owners who signed up for 3G service via AT&T have been reportedly subject to an exploit that left nearly 115K iPad owners, including dozens of CEOs, military officials, and top politicians, exposed to hackers whose motives remain unclear.

From what we’re hearing from Gawker’s Valleywag site, the damage seems limited to e-mail addresses alone. However, in some cases these addresses belong to individuals whose positions make them very valuable. 3G subscribers who have been compromised include thousands of A-listers in finance, politics and media.

Would you like to e-mail NY Times Co. CEO Janet Robinson? Or how about Diane Sawyer of ABC News? Is Harvey Weinstein or Mayor Michael Bloomberg more your speed? For hackers who captured these high-level e-mails, even White House Chief of Staff Rahm Emanuel’s address isn’t off-limits. No bueno.

In AT&T’s defense, their security personnel closed the security hole in recent days, but the victims have been unaware, until now. Who did it? Why did they do it? Read on past the jump to learn more about the hacker group responsible for this exploit and how they pulled it off.

The 3G subscriber data was obtained by ‘Goatse Security.’ The group, unfortunately named after the infamous Internet gross-out picture but known for previously highlighting real security vulnerabilities in the Firefox and Safari Web browsers and Amazon’s community ratings system, exploited a script directly on the AT&T web site.

When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application. Because ICC-IDs were easily guessed or easily determined from the iPad itself, it was trivial to feed the script a list of valid ICC-IDs.

With a PHP script to automate the harvesting of data, the hacker group scooped up the subscriber data, and it’s unclear even now who has viewed this information. Goatse Security notified AT&T of the breach and the security hole was closed.
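The flaw described above, an identifier treated as if it were a credential, sketched as an added example (this is not AT&T’s code, which the page does not show): the unauthenticated lookup beside a version that ties the ICC-ID to a logged-in session and stops answering a client that asks about many different IDs. The record store, session shape, status codes and limit are all assumptions made for illustration.

```python
"""Constructed sketch: an identifier-keyed lookup, before and after hardening."""
from collections import defaultdict

# Constructed sample records; the ICC-IDs and addresses are made up.
SUBSCRIBERS = {
    "89014100000000000017": "alice@example.com",
    "89014100000000000025": "bob@example.com",
}
MAX_DISTINCT_IDS = 3          # assumed per-client budget of different ICC-IDs
_seen = defaultdict(set)      # client address -> ICC-IDs it has asked about


def lookup_vulnerable(iccid):
    """The flaw as described: knowing (or guessing) an ICC-ID is enough."""
    return SUBSCRIBERS.get(iccid)


def lookup_hardened(session, iccid, client):
    """Return the address only to the authenticated owner of that ICC-ID.

    `session` is a dict such as {"authenticated": True, "iccid": "..."} that
    the server filled in at login; it is never taken from the request.
    """
    _seen[client].add(iccid)
    if len(_seen[client]) > MAX_DISTINCT_IDS:
        return 429, None      # one client walking many IDs: stop answering
    if not session.get("authenticated"):
        return 401, None
    if session.get("iccid") != iccid:
        # Same reply whether or not the ID exists, so replies confirm nothing.
        return 403, None
    return 200, SUBSCRIBERS.get(iccid)
```

The distinct-ID counter is also a natural place to raise an alert, since a legitimate device only ever asks about its own ICC-ID.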

Still, a big security and privacy blow to early adopters who jumped at the opportunity to own the first 3G iPads. I’m sure privacy and data protection will get a big boost from those whose data was exposed inappropriately.

In a nod to this serious security compromise, companies like The New York Times have emailed all staff suggesting they “turn off your access to the 3G network on your iPad until further notice” while the newspaper’s engineers and security staff investigate the issue.

While it’s highly unlikely the ICC IDs can be used to attack subscribers in any substantial way, losing control of e-mail addresses for high-level executives and politicians will be viewed critically by a public already weary of privacy concerns. And it remains to be seen how this breach may affect iPad buyers who may rely on it for sensitive communications.
