MobileMe mixup: Address book snafu exposes personal data to strangers?


MobileMe mixup: Address book snafu exposes personal data to strangers?: “

Filed under: , , ,

Face it: your address book and your contacts, they’re personal. They reveal a lot about you: your friends, your business partners, your cake buying proclivities, and more. The address book you see at the top of this post appears to be for someone in the Denver area. I know that because of the REI Denver listing and Le Bakery Sensual on 6th, which I drive by whenever I head East from Broadway.

digg_url = ‘;
tweetmeme_url = ‘; tweetmeme_source = ‘tuaw’;

These contacts, along with their notes, their phone numbers, dates of birth, and other information say a lot about the person whose address book this is, and also about the people who appear in that contact list, with all their personal and professional info.

There’s one big problem. The screen shot you see wasn’t made by the person who owns this account. Under certain very specific conditions, Apple is inadvertently sharing data from other people’s accounts. Ouch.

A TUAW reader sent us a video made as he renewed his account from the UK. The address book data he accessed during that time included this Denver-based set shown here, as well as data from an Ireland-based user of Polish descent (all his contacts were back in Poland although his business was based in Ireland).

This all went down during the period when his MobileMe account was renewing. Each time he logged off and back on, he was presented with yet another set of contacts–none of them his. He writes, ‘Each time I logged off and on I got a different address book. All the other options were disabled (because my renewal was being processed) but clicking the Contacts icon showed me *an* address book,’ just not his address book.

With a little Internet-fu, he checked out some of the numbers and found that they were valid and operational. This leads him to believe that this is real data. My inspection of the local Denver data from his screen shots convinces me of the same. Further inspection of work addresses and personal family names makes us believe we know whose Denver-based address book this is. We’ve attempted to contact this person but as yet have not heard back.

The address book glitch ended once the registration process finished, leaving our TUAW reader with a series of screen shots and videos and a deep concern about Apple’s ability to safeguard personal data. He’s already contacted Apple about the bug. ‘I contacted them by two means: their web-chat thing where they told me that they ‘had no reports of such an issue’. They suggested closing and reopening Safari (helpful eh?) and a generic autoresponse saying they’d reply within 5 days when i sent an email.’ He adds, ‘I don’t think the people manning the help desk appreciated the seriousness of the situation.’

TUAW has sent a heads-up to Apple and will keep monitoring the situation to see how it develops.

TUAWMobileMe mixup: Address book snafu exposes personal data to strangers? originally appeared on The Unofficial Apple Weblog (TUAW) on Mon, 12 Oct 2009 20:45:00 EST. Please see our terms for use of feeds.

Read‘|’Permalink‘|’Email this‘|’Comments

Add to digg
Add to
Add to Google
Add to StumbleUpon
Add to Facebook
Add to Reddit
Add to Technorati

Sponsored Topics:
AppleTUAWUnofficial Apple WeblogMobileMeSafari

(Via The Unofficial Apple Weblog (TUAW).)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: