In more embarrassment for AT&T, the Federal Bureau of Investigations is looking into the brute-force attack on Apple iPad users. The FBI contacted Gawker Media and instructed the company to retain any relevant documents related to a possible security
breach of AT&T's web site.
Goatse Security, a nine-person hacking group, admitted to harvesting 114,000 e-mail addresses of iPad customers, including those of high-level execs, military personnel, and politicians.
On Wednesday, AT&T admitted to a security hole in its web site that exposed iPad users to the breach. Now the FBI wants more information. The FBI told The Wall Street Journal that it is "very early" in an investigation into "possible computer intrusions."
Goatse Serves the American Public?
Goatse is now on the defensive. The company's blog insists the disclosure needed to be made. iPad 3G users had the right to know their e-mail addresses were potentially public knowledge so they can take steps to mitigate the issue, such as changing their e-mail address, Goatse said. The company went so far as to say that its hack was done "in service to the American public."
"Anyways, there was no illegal activity or unauthorized access; this was not a shady backroom hookers and blow deal with Nick Denton as revenge for the iPhone raid (though that would be totally sweet), we did not sell your data to spammers (on the contrary, we destroyed it after Ryan used it; it had served its purpose to us) and we did not try to hack your iPads," Goatse said. "Your iPads are safer now because of us."
Michael Gartenberg, a partner at Altimeter Group, isn't buying Goatse's story. Because the group took confidential, personal information to the press rather than concealing it and working with AT&T directly, the hacker group gave up its moral high ground, he said.
"I'm not surprised the FBI is looking into it. When you look at the list of names of leaked e-mail addresses, there are people in the White House administration and military leaders on there," Gartenberg said. "This really was not just an incidental or accidental leak of information. This was a full-bore attack on this web site to get this private information."
Praetorian Security Group obtained a copy of the PHP script Goatse used to gather the e-mail addresses from AT&T servers. The company said the brute-force attack worked because AT&T used poorly designed software. Apple has yet to comment on the issue.
Although most analysts blame AT&T for the breach, the incident sheds a negative light on the Apple brand. But the fallout could be worse for AT&T.
"This is an AT&T problem. It's not an Apple problem; it becomes an Apple problem because there are iPads involved, and as soon as an Apple product is peripherally involved that makes the story 100 times more sensational," Gartenberg said. "But it really is an AT&T issue."