SAN FRANCISCO – AT&T Inc said some users of Apple’s iPad have had personal information exposed via a network security flaw, two months after the tablet computer was launched and smashed sales expectations.
The breach, first reported by the website Gawker, led to the exposure only of email addresses, AT&T said in a statement. The wireless operator has exclusive U.S. rights to carry the iPad and the popular iPhone.
The company apologized and said it will inform any customers who had been impacted by the security breach. AT&T said it learned of the problem on Monday and has since corrected the flaw.
“This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the email addresses,” spokesman Mark Siegel said in an email statement.
Apple did not respond to a request for comment.
The iPad, launched in April, has already sold more than 2 million units worldwide. Buzz around the device—which alongside the iPhone will form a pivotal part of the company’s international growth strategy—helped propel Apple past Microsoft in May to become the world’s most valuable technology stock.
But rivals from Dell to Hewlett-Packard are now scrambling to get rival offerings onto the fledgling market, and the security breach could pose a potential embarrassment for Apple’s two-month-old device.
On Wednesday, Gawker said it was informed of the flaw and given a list of the email addresses by a group of hackers.
Its report said more than 100,000 iPad user accounts may have been compromised. Gawker reported that it obtained a list of email addresses that included celebrities, politicians and chief executives.
AT&T is now the sole wireless carrier for the iPad and the iPhone in the United States. But it continues to draw harsh criticism from iPhone users over the quality of its network, and the security breach acknowledged Wednesday may add fuel to that fire.
The carrier said the flaw led to exposure of iPads’ integrated circuit card IDs, which identify SIM cards in mobile devices.
“The only information that can be derived from the ICC IDS is the email address attached to that device,” AT&T said in its statement.
Analysts speculate that AT&T arch-rival Verizon Wireless may eventually win the right also to carry Apple’s iPhone, perhaps as early as 2011.
The company said it will continue to investigate the matter. AT&T said the group who discovered the flaw did not inform the company, which was alerted to the problem by an unidentified business customer.