A hacker group called Goatse Security has succeeded in acquiring the email addresses of a large number of AT&T subscribers thanks to a security hole in the iPad.
According to Gawker, the hackers managed to persuade AT&T to provide the details using a customer ICC-ID, which links a certain device to a customers SIM card.
The security hole has now been fixed, with AT&T claiming that it was a business customer who warned them of the problem, as opposed to Goatse Security.
“AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS. The only information that can be derived from the ICC IDS is the e-mail address attached to that device,” read an AT&T apology
“This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses.”
A significant number of exposed emails were of top level executives at US media and finance companies, including Dow Jones, Conde Nast, Time Warner, HBO and the US military research arm Darpa.