Network Security Bulletin - AT&T Loses iPad Emails Through Website Bug

Published: 25 Jun 2010


On June 7, 2010 a group of French security experts called Goatse Security, discovered a vulnerability in AT&T's web portal. Goatse hackers were able create a script and code which generated random serial numbers of AT&T SIM cards and repeatedly queried an AT&T web address. This vulnerability was limited to just iPad 3G subscribers. When a valid serial number was generated and accepted by the AT&T web portal, an iPad 3G subscribers' email address was filled in the log-in screen. As a result of Goatse's findings, over 114,000 email addresses of iPad owners were revealed, many belonging to government officials and company executives.

Frost & Sullivan Opinion

While this type of vulnerability is common, it is important to emphasize awareness for companies to continually run vulnerability testing, especially when dealing with customer information. While vulnerabilities disclosed by third parties will occur, having the proper vulnerability management solutions in place will bring on a more positive public image with current and future customers.

Vulnerability testing is vital and should be run on all services provided by vendors

While finding and protecting a company's services from vulnerabilities is an on-going process, continued testing must be a priority to protect not only the company's assets but to also protect its customers' sensitive information. Without appropriate testing done beforehand, companies such as AT&T, can foresee major problems that not only affect their portals and networks but also put customer information in jeopardy. Failure to run vulnerability tests routinely shows a lack of understanding and awareness of potential threats, which can result in severe damages.

Sign in to read the rest of this article

Not signed up? Register now Forgot your password?

Help Desk

Full list of offices

For more information and general enquiries, contact Frost & Sullivan near you.

North America
tel: +1.877.463.7678

Select a location near you..