Goatse Security, the group that hacked into AT&T’s iPad subscriber data, may have thought it was doing a “public service” by revealing a security hole in the carrier’s network that exposed thousands of emails from the device’s early adopters. But AT&T (NYSE: T) apparently doesn’t see it that way.
In an e-mail sent to affected users on Sunday, Dorothy Attwood, SVP of public policy and chief privacy officer at AT&T, apologized for the security breach. She assured users that beyond their personal e-mail and the serial number of their iPad’s SIM card, also known as its integrated circuit card identification (ICC-ID), no other information was leaked. Attwood then turned on the security firm, accusing it of exposing the information for its “own publicity,” and vowing to “prosecute violators to the full extent of the law.” On Friday, the FBI confirmed it had opened an investigation into the hack.
Goatse Security hit back in a post on its blog maintaining that AT&T had plenty of time to inform its users of the breach after Goatse contacted the company about the security hole. AT&T apparently didn’t do so until after Gawker ran the story.
Uh, they’re the ones that should be shot. They’re not really the messenger..they’re the ones behind the breech. That’s kind of how it works. And gee, the checkbook ‘reporters’ at Gawker are involved again. They never learn.
As with any big organization, AT&T is clueless to the core.
What’s better? A security firm outing that there’s a security hole by publishing names and banal numbers and UID’s? Or some Chinese hackers exploiting the hole, stealing credit card data, and not telling anybody of the hack.
This was a public service, and AT&T has it’s head up it’s aPad.