AT&T iPhone 4 Launch Security Breach

As if 114,000 compromised email addresses and a complete iPhone 4 launch failure weren’t enough, AT&T is now facing another security breach, this time of a more important level.

Apparently, some AT&T customers logging into AT&T’s website get access to other people’s account.

According to Gizmodo:

This is how it happens: A customer tries to log into their AT&T account to order a new iPhone 4 upgrade. Despite entering their username and password, the AT&T system would take them to another user account. This gives access to all kinds of private information about the mistaken customer: Addresses, phone calls, and bills, along with the rest of private information, becomes exposed to random strangers.

An AT&T insider explains what really happened:

Over the weekend there was a major fraud update that went down on all of AT&T’s systems, from Saturday overnight to Sunday early morning. All systems were down and agents were unable to use any systems.

The issues people are seeing at AT&T stores and online are most likely related to this update that went wrong.

I do know that there was absolutely NO TESTING of this system done before the launch of the new iPhone. I know it’s just heresay at this point, but I can confirm that there was a major outage over the weekend that impacted all ordering systems and programs, and I can confirm that there were multiple systems being upgraded/updated, with some updates being related to fraud.

That’s heavy. That’s really heavy!

What says you?

[Image from Giz]

  • Fastfro

    I know that I tried to access the AT&T site about 2:30am sunday morning and was down. Said it would be down till 9pm Sunday. Then last night I tried to log in and every time I clicked a link it would log me out and I’d have to log back in.

  • Jeb Lawrence

    I like turtles.