We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

FBI to investigate iPad email address leak

Website bug made 114,000 email addresses available

The FBI is investigating a glitch on the AT&T website, which saw the email addresses of 114,000 Apple iPad owners made available.

Hackers belonging to a group called Goatse Security obtained the email addresses after uncovering a web application on AT&T's website that returned an iPad user's email address when it was sent specially written queries.

After writing an automated script to repeatedly query the site, they downloaded the addresses, and then handed them over to Gawker.

Now the FBI is trying to figure out whether this was a crime.

"The FBI is aware of these possible computer intrusions and has opened an investigation into addressing the potential cyberthreat," said Lindsay Godwin, an FBI spokeswoman.

The investigation was opened by the FBI's Washington Field Office, she said.

Godwin did not know if the investigation was opened at the request of Apple or AT&T.

AT&T declined to comment, and Apple has not replied to requests for comment.

According to Gawker, Goatse hackers were able to download email addresses belonging to White House Chief of Staff Rahm Emanuel, New York Mayor Michael Bloomberg and ABC News anchor Diane Sawyer.

They also gained access to addresses belonging to employees of Google, Amazon, Microsoft and the US military.

The hackers did this by guessing thousands of unique numbers - called ICC-ID (Integrated Circuit Card Identifier) - belonging to iPad users and feeding them into the AT&T website.

US law prohibits the unauthorized accessing of computers, but it is unclear whether the script that the Goatse group used violated the law, said Jennifer Granick, civil liberties director with the Electronic Frontier Foundation.

"The question is, when you do an automated test like this, [are you] getting any type of unauthorised access or not," she said.

If it turns out the data in question was not misused, it is unlikely that federal prosecutors will press charges, she added.

See also: How to buy an Apple iPad - Apple iPad FAQs


IDG UK Sites

Microsoft smartwatch release date, price and specs rumours: Launching within a few weeks

IDG UK Sites

Why you shouldn't buy the iPad mini 3: No wonder Apple gave it 10 seconds of stage time

IDG UK Sites

Halloween Photoshop tutorials: 13 masterclasses for horrifying art, designs and type

IDG UK Sites

Should I upgrade from Mavericks to OS X 10.10 Yosemite? What you need to know before updating to...