FBI begins probe into AT&T iPad security breach

WASHINGTON/NEW YORK Fri Jun 11, 2010 11:30am EDT

Visitors walk past a poster advertising the new iPad at an Apple retail store in Madrid May 28, 2010. REUTERS/Susana Vera

Visitors walk past a poster advertising the new iPad at an Apple retail store in Madrid May 28, 2010.

Credit: Reuters/Susana Vera

Related Video

Video

iPad user data exposed

Thu, Jun 10 2010

Related Topics

WASHINGTON/NEW YORK (Reuters) - The Federal Bureau of Investigation has opened a probe into a security breach of Apple Inc's iPad that exposed personal information of AT&T Inc customers, including those of several high-ranking government officials.

The breach, first reported by the website Gawker, occurred when a group calling itself Goatse Security hacked into AT&T's iPad subscriber data, obtaining a list of email addresses that also included celebrities, chief executives and politicians.

"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said on Thursday.

AT&T, which has exclusive U.S. rights to carry the iPad and the popular iPhone, has acknowledged the security breach but said it had corrected the flaw and that only email addresses were exposed to hackers who identified a security weakness.

It declined to comment on the FBI investigation.

The quick FBI probe into the security flaw came amid reports of several high-ranking government officials on the list of iPad owners with compromised personal information.

In all, more than 100,000 email addresses are believed to have been exposed. Goatse could not immediately be reached for comment.

One source in the telecommunications industry said it was not surprising that the FBI was looking at the breach.

"If there's a high profile data compromise it's not unusual to get a phone call from government officials," said the executive, who asked not to be named.

The iPad, launched in April, has already sold more than 2 million units worldwide.

NO COMPROMISE?

The iPad, launched in April, has already sold more than 2 million units worldwide. Buzz around the device -- which alongside the iPhone will form a pivotal part of the company's international growth strategy -- helped propel Apple past Microsoft Corp in May to become the world's most valuable technology stock.

But rivals from Dell Inc to Hewlett-Packard Co are scrambling to get rival offerings onto the fledgling market, and the security breach could pose a potential embarrassment for Apple's 2-month-old device.

Security experts said it was unlikely that other information besides email addresses had been compromised.

Charlie Miller, an analyst with Independent Security Evaluators, argued that the breach had nothing to do the iPad's security.

"The actual vulnerability is pretty basic, but the loss of data is not serious, in my opinion. The data on the iPad and the devices themselves were never compromised or vulnerable," Miller said via e-mail.

George Kurtz, chief technology officer for security software company McAfee, also downplayed the severity of the breach.

"I would guess that this application vulnerability gained so much attention because, after all, it is Apple we are talking about," Kurtz wrote in a blog post.

"The hype around Apple products -- like the new iPhone and iPad -- is amazing. However, the reality is this type of vulnerability isn't really news and happens all day long."

But the security gaffe isn't likely help AT&T win any friends among Apple customers. The carrier has been criticized by iPhone users for the quality its network.

Still, few people thought the security snafu would hurt AT&T's relationship with Apple.

"Everybody realizes security is an issue all companies have to deal with," BTIG analyst Walter Piecyk said. "Apple has endured the reputation of AT&T's network, which seems to be a much bigger deal."

(Reporting by Jeremy Pelofsky in Washington D.C., Sinead Carew in New York and Gabriel Madway in San Francisco; Editing by Bernard Orr, Tim Dobbyn and Richard Chang)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (3)
Storyburn_has wrote:
Are you going to check your bank account on your data phone? no way Jose!

Jun 10, 2010 9:57pm EDT  --  Report as abuse
Dahc wrote:
People say this falls on AT&T and not Apple, i say it falls on both of them. Holes in AT&T and holes in the OS.

Jun 11, 2010 8:54am EDT  --  Report as abuse
finneganG wrote:
The only reason the FBI is conducting a probe is because of the White House use of this system. The “probe” shouldn’t be looking at the software security breach; it should be reviewing White House security procedures for the introduction of new systems there.

Jun 11, 2010 9:26am EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.