Hi this is the housemate. Here is an article detailing the FBI involvement in the iPad user account hacking. We did not get the letter from AT&T, but we are sending our info to the FBI because our data was breached and the emails from AT&T, we think, are peculiar, but it may simply be incompetence. Hopefully the juxtaposition is mere coincidence.
[ Fair Use: For Educational / Research / Discussion Purposes Only ]
http://online.wsj.com/article/SB10001424052748703389004575305611381540180.html
June 14, 2010, 1:38/pm ET, by Andrew Dowell
AT&T Blames iPad Incident on 'Malicious' Hackers
AT&T Inc., reaching out to iPad users Sunday to explain why their email addresses were released last week, blamed the incident on "computer hackers" who "maliciously exploited" an attempt by the carrier to speed the process of logging in to its website.
The comments were the harshest yet by the carrier, which apologized for the security lapse and said it would cooperate with any efforts to investigate or prosecute the breach.
"AT&T takes your privacy seriously and does not tolerate unauthorized access to its customers' information or company websites," the company said.
A group of computer experts calling itself ****** Security uncovered the flaw and then turned the results over to Gawker Media LLC to be made public last week. Escher Auernheimer, a member of the group, said in a blog post overnight that it acted to protect users and chided AT&T for taking several days to inform customers after becoming aware of the security breach.
"If not for our firm talking about the exploit to third parties who subsequently notified them, they would have never fixed it," Mr. Auernheimer said. "We know what we did was right."
AT&T sent the comments in an email to the roughly 114,000 users of the iPad 3G it determined were affected by the incident. The carrier said only users' email addresses and numbers that identify their devices to AT&T's network were exposed, and that no other personal or account information was at risk.
Still, AT&T warned users to be alert to scams that try to fool them into turning over more personal data. Such attacks, called "phishing," typically involve emails that purport to be from a trusted source. Security experts say they can be more effective if the victim's identity is known.
The email was sent by Dorothy Attwood, AT&T's senior vice president for public policy and chief privacy officer.
Last week's incident involved prominent officials in companies, politics and the military. The Federal Bureau of Investigation said last week it has opened an investigation into the security breach, but wouldn't say what the probe will focus on. New York-based Gawker Media said it has been contacted by the FBI to preserve information related to the matter, but said it doesn't believe it is a target of the probe.
Jennifer Granick, civil-liberties director at the Electronic Frontier Foundation, said last week the Computer Fraud and Abuse Act generally prohibits unauthorized access to computers. The question is whether typing information into a public website is unauthorized, she said.
Also, prosecutors will consider what individuals do with the data they obtain before deciding whether to bring charges.
[ Fair Use: For Educational / Research / Discussion Purposes Only ]
http://online.wsj.com/article/SB10001424052748703389004575305611381540180.html
June 14, 2010, 1:38/pm ET, by Andrew Dowell
AT&T Blames iPad Incident on 'Malicious' Hackers
AT&T Inc., reaching out to iPad users Sunday to explain why their email addresses were released last week, blamed the incident on "computer hackers" who "maliciously exploited" an attempt by the carrier to speed the process of logging in to its website.
The comments were the harshest yet by the carrier, which apologized for the security lapse and said it would cooperate with any efforts to investigate or prosecute the breach.
"AT&T takes your privacy seriously and does not tolerate unauthorized access to its customers' information or company websites," the company said.
A group of computer experts calling itself ****** Security uncovered the flaw and then turned the results over to Gawker Media LLC to be made public last week. Escher Auernheimer, a member of the group, said in a blog post overnight that it acted to protect users and chided AT&T for taking several days to inform customers after becoming aware of the security breach.
"If not for our firm talking about the exploit to third parties who subsequently notified them, they would have never fixed it," Mr. Auernheimer said. "We know what we did was right."
AT&T sent the comments in an email to the roughly 114,000 users of the iPad 3G it determined were affected by the incident. The carrier said only users' email addresses and numbers that identify their devices to AT&T's network were exposed, and that no other personal or account information was at risk.
Still, AT&T warned users to be alert to scams that try to fool them into turning over more personal data. Such attacks, called "phishing," typically involve emails that purport to be from a trusted source. Security experts say they can be more effective if the victim's identity is known.
The email was sent by Dorothy Attwood, AT&T's senior vice president for public policy and chief privacy officer.
Last week's incident involved prominent officials in companies, politics and the military. The Federal Bureau of Investigation said last week it has opened an investigation into the security breach, but wouldn't say what the probe will focus on. New York-based Gawker Media said it has been contacted by the FBI to preserve information related to the matter, but said it doesn't believe it is a target of the probe.
Jennifer Granick, civil-liberties director at the Electronic Frontier Foundation, said last week the Computer Fraud and Abuse Act generally prohibits unauthorized access to computers. The question is whether typing information into a public website is unauthorized, she said.
Also, prosecutors will consider what individuals do with the data they obtain before deciding whether to bring charges.
