The FBI is looking into the circumstances that led to the loss of over 114,000 iPad 3G owner’s names and email addresses from the AT&T Web site. The federal agency is apparently investigating the incident to determine whether or not a crime was committed, according to Computerworld.
“The FBI is aware of these possible computer intrusions and has opened an investigation into addressing the potential cyberthreat,” commented FBI spokesperson Lindsay Godwin.
Hackers from a group called “Goatse Security” managed to find a way into AT&T’s servers through the company’s Web site and made off with the account info for thousands of iPad 3G owners. The group gave a copy of the list — complete with the names and email addresses of company CEOs, politicians and military officials — to Gawker, the parent company of Gizmodo.
The list of accounts was culled by using a PHP script that guessed SIM card identifier numbers, sent those numbers as requests to AT&T’s servers, and received account names and email addresses in response. According to AT&T, the script exploited a Web site feature that auto-filled information when iPad 3G users viewed their account information.
While the stolen account information can be used to spam iPad users, so far it looks like the hackers won’t be able to use the data to gain access to individual iPads. According to University of Virginia Computer Science PhD, Harsten Nohl, “Data connections are typically well encrypted… the disclosure of ICC-ID [SIM card codes] has no direct security consequences.”
In response to the incident, AT&T spokesperson, Mark Siegel told The Mac Observer, “AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device.”
AT&T has since changed how its Web site handles iPad 3G user account requests to prevent the security breach from happening again.
The FBI didn’t say who requested the investigation.