It began as a security glitch in AT&T’s servers that allowed the hacker security group Goatse Security to download the email addresses and iPad ID’s of 114,067 users. Among those affected were Diane Sawyer, Harvey Weinstein, Michael Bloomberg, Rahm Emanuel, and several high ranking government and military officials.
Once Goatse had the information, it passed it on to Gawker, which published the story. AT&T had already patched the hole, but not before others may have accessed the vulnerability and downloaded information. Now the FBI is demanding that Gawker hold onto the records.
According to a report from the Wall Street Journal, the FBI has begun an investigation into the security breach, but it is still unclear what the focus of the investigation will be.
AT&T is claiming that the hacker group never contacted them, and so the fault lies with Goatse. In response, Goatsee issued a response on its blog, claiming that “this is as ‘nice guy’ as it gets.”
“All data was gathered from a public webserver with no password, accessible by anyone on the Internet. There was no breach, intrusion, or penetration, by any means of the word,” the statement claimed. “The dataset was not disclosed until we verified the problem was fixed by the vendor. The only person to receive the dataset was Gawker journalist Ryan Tate who responsibly redacted it.”
The blog also claims that it did not contact AT&T, but it tipped off a third party that would, then waited until the security hole was plugged before giving the information to Gawker.
“We did not try to hack your iPads,” Goatse said. “Your iPads are safer now because of us.”