In what's being described as AT&T's worst security breach in recent history, the wireless company went and left sensitive information on 114,067 owners of the iPad 3G exposed on the Web. The subscriber data was obtained by a group calling itself Goatse Security, who then published the personal email addresses of the victims, including military officials, CEOs, prominent politicians, and celebrities.
AT&T, which has confirmed the breach, insists that only email addresses were lifted, and that more sensitive data like credit cards and home addresses were not compromised.
"AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS," AT&T said in a statement . "The only information that can be derived from the ICC IDS is the e-mail address attached to that device. This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses. The person or group who discovered this gap did not contact AT&T. We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained. We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted."
While this one falls on AT&T's shoulders, the breach doesn't look good for Apple, either. This latest incident comes just weeks after an Apple employee left an iPhone prototype in a bar.