AT&T Pre-Order Glitch Exposes iPhone Customer Data
The security breach occurred when some existing iPhone owners placed advanced orders for the iPhone 4 into a faulty AT&T Web application. AT&T customers opened the application to submit their personal account information for an iPhone upgrade only to find that they were logged into the accounts of other users. The breach potentially exposed names, addresses, and phone numbers and other billing information of unknown iPhone users, Gizmodo reported.
Thus far there have been at least three accounted cases of mistaken login identities, Gizmodo said, although it is possible that there are scads of others.
The telecom giant tentatively attributed the iPhone pre-ordering snafu to a massive outage resulting from a "a major fraud update that went wrong" on an AT&T server.
An AT&T spokesperson told Reuters that it was unclear what information was exposed, but that the company was currently investigating.
However, AT&T told Gizmodo that the company was "unable to replicate the issue," but that the exposed customer data could not have included call-detail records, social security numbers, or credit card information.
Meanwhile, the iPhone 4 security glitch was compounded by further complications with the pre-order process that resulted in Website problems, long AT&T store lines, system outages and extended deliveries for the device.
Coincidentally, the AT&T iPhone security breach follows just a week after a hacker group Goatse Security exploited a security flaw on another company Web application that enabled them to retrieve 114,000 personal email addresses of iPad 3G customers, including those of New York Times Co. CEO Janet Robinson, ABC anchor Diane Sawyer, film mogul Harvey Weinstein and New York Mayor Michael Bloomberg. The incident sparked an official investigation by the Federal Bureau of Investigation.