AT&T exposed personal data belonging to more than 100,000 iPad buyers. The attack exploited a vulnerability in the company s Web site and enabled hackers to obtain the email addresses of people who bought specific iPads. In an email statement about the iPad breach, AT &T takes little responsibility for the incident. Instead of issuing a mea cupla and pledging to do better, the company essentially deflected all the blame to the attackers, says John Defterios. The response to the breach is the corporate version of the Some Other Dude Did it Defense.
Source: https://threatpost.com/att-show-how-not-handle-data-breach-061710/74119/

