Sunday, June 13, 2010, 07:00 pm PT (10:00 pm ET)
AT&T sends out iPad 3G email leak acknowledgmentFollowing the web attack that enabled black hat hackers to obtain a list of private email addresses of its iPad 3G subscribers, AT&T has mailed out a vaguely apologetic acknowledgment of the event explaining what happened.
The event resulted in an FBI investigation of the attack, which exploited a feature on AT&T's website that auto-populated a user's email address on record when their iPad 3G SIM card serial number was entered into the page.
The attack used scripts to repeatedly poll the site for email addresses based on plausible serial numbers, resulting in a long list of emails tied to specific iPad SIM cards. although no other information was gained.
AT&T has since disabled the feature, so customers logging into the site will have to both enter their SIM card serial number and their email address.
A copy of the letter was posted by BGR (below).
On Topic: AT&T
- AT&T drops price of 2GB no-contract plan by $15, T-Mobile doubles down on 'Simple Choice'
- AT&T beats Street with $6.9B Q4 profit, shows strong contract customer retention
- AT&T to let content providers pick up bandwidth tab with new 'sponsored data' service
- Retailers discount iPhone 5s down to $120, AT&T offers customers $450 to leave T-Mobile [u]
- AT&T CEO says smartphone subsidies must end as T-Mobile sweetens iPhone deal