Police in the US have arrested a member of the team that found a vulnerability affecting various iPad users on the AT&T network.
Andrew Auernheimer, a key member of Goatse Security that recently claimed to have found a security hole on the AT&T website containing iPad user information, was detained in Arkansas but for drug charges rather than anything iPad related, CNET has reported.
Auernheimer has previously been arrested for alledgedly providing a fake name to police officers responding to a parking complaint, Lieutenant Mike Perryman, of the Fayetteville Police Department, told CNET.
However, the authorities did not confirm why a warrant had been drawn up prior to the arrest, or whether it had anything to do with the authority's work on the AT&T case.
Earlier this month, Goatse Security said it had taken information about the vulnerability on the website to Gawker, an online gossip site. Goatse claimed to have accessed AT&T's iPad subscriber information containing around 114,000 email addresses, including those of high up politicians and business executives.
AT&T confirmed that it had closed the security hole and that it was only email addresses that had been accessed.
Mark Siegel, executive director of media relations at AT&T, told IT PRO: "The hackers did not inform us in advance about what they claimed to uncover."
Goatse claimed in a blog post that it had waited until the hole was fixed by AT&T before taking information to Gawker.
"We did not contact AT&T directly, but we made sure that someone else tipped them off and waited for them to patch until we gave anything to Gawker," Goatse added.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
A critical Ivanti flaw is being exploited in the wild – here’s what you need to knowNews Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances
-
Researchers claim an AMD security flaw could let hackers access encrypted dataNews Using only a $10 test rig, researchers were able to pull off the badRAM attack
-
A journey to cyber resiliencewhitepaper DORA: Ushering in a new era of cyber security
