Following reports that people trying to preorder iPhone 4s found that they were logged in to someone else's account
, AT&T has issued a statement saying that they are "looking into the matter" but haven't been able to find the problem so far. An internal source supposedly told Gizmodo
, however, that the security hole happened right after a "fraud update"
brought down all the servers at a company that does AT&T order processing.
AT&T's statement says that they "have been unable to replicate the issue, but the information displayed did not include call-detail records, social security numbers, or credit card information." Anyone else see the inconsistency? Yeah. If you can't replicate the issue, how do you know what was displayed or not displayed?
CYA is understandable, but make it believable, please. To be sure, no one has yet come forward claiming that they saw someone else's credit card info, but that could be because they're on their free trip to Hawaii right now.
Speaking of believability, Gizmodo
- which has been (perhaps understandably
) pushing a lot of "Apple Sucks
(And So Do Their Partners
)" stories of late - has an unconfirmed report from "an AT&T insider" of some server issues that could explain the breach. Someone claiming to work at "a 3rd party order processing facility—what AT&T refers to as a 3CC" says that "there was a major outage over the weekend that impacted all ordering systems and programs." The source didn't seem to have enough information to connect the two events, but said that at the same time, "there were multiple systems being upgraded/updated, with some updates being related to fraud."
AT&T's servers are being blamed for the delays and disconnections in the iPhone preorder process yesterday, with Apple's servers able to deal with the increased load: apparently only during the eligibility checking process did things bog down. I mean, it felt wicked low-tech filling out a piece of paper
(that said "Reserve Your's
TODAY!") and giving it to a lady who asked me if I was "illegible" for upgrade pricing, but at least the order went through.
Um, I hope.