Information Security News mailing list archives
Hacker defends going public with AT&T's iPad data breach (Q&A)
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 11 Jun 2010 00:02:49 -0500 (CDT)
http://news.cnet.com/8301-27080_3-20007407-245.html By Elinor Mills InSecurity Complex CNet News June 10, 2010 A hacker involved with a highly publicized data breach is taking some flack, but he says he and his colleagues simply acted in the public's best interest. AT&T was forced to scramble to fix a security hole in its Web site that exposed e-mail addresses of more than 100,000 iPad users this week. AT&T says it learned about the Web site flaw from an enterprise customer on Monday and that it was fixed on Tuesday. Goatse Security, the group that uncovered the security flaw, revealed the details to a blog site on Wednesday, touching off a media frenzy. The FBI now says it is investigating the breach, which exposed e-mail addresses of government officials and executives in media, finance, and technology, among others. On Thursday, CNET talked to Escher Auernheimer, one of Goatse's main members and whose hacker name is "Weev," about the group and what motivates them. Q: An AT&T spokesman says the group did not contact the company. Can you comment? Auernheimer: We chose not to engage in a direct dialogue. We did not give details of the attack or the data to anyone until we verified that the hole was closed on their Web site on Tuesday. And we only gave it to Ryan Tate at Gawker Media because he agreed he would censor the ICCIDs and the e-mails so they couldn't be used to compromise anything. We did the best we could. But we did want not engage directly with AT&T in case they tried to serve us (an injunction) or something. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.com
Current thread:
- Hacker defends going public with AT&T's iPad data breach (Q&A) InfoSec News (Jun 10)