Goatse Security (GoatSec) was a loose-knit, nine-person grey hat hacker group that specialized in uncovering security flaws. It was a division of the anti-blogging Internet trolling organization known as the Gay Nigger Association of America (GNAA). The group derives its name from the Goatse.cx shock site, and it chose "Gaping Holes Exposed" as its slogan. The website has been abandoned without an update since May 2014.

In June 2010, Goatse Security obtained the email addresses of approximately 114,000 Apple iPad users. This led to an FBI investigation and the filing of criminal charges against two of the group's members.

The GNAA had several security researchers within its membership. According to Goatse Security spokesperson Leon Kaiser, the GNAA could not fully utilize their talents since the group believed that there would not be anyone who would take security data published by the GNAA seriously. In order to create a medium through which GNAA members can publish their security findings, the GNAA created Goatse Security in December 2009.

In order to protect its web browser from inter-protocol exploitation, Mozilla blocked several ports that HTML forms would not normally have access to. In January 2010, the GNAA discovered that Mozilla's blocks did not cover port 6667, which left Mozilla browsers vulnerable to cross-protocol scripts. The GNAA crafted a JavaScript-based exploit in order to flood IRC channels. Although EFnet and OFTC were able to block the attacks, Freenode struggled to counteract the attacks. Goatse Security exposed the vulnerability, and one of its members, Andrew Auernheimer, aka "weev," posted information about the exploit on Encyclopedia Dramatica.

In March 2010, Goatse Security discovered an integer overflow vulnerability within Apple's web browser, Safari, and posted an exploit on Encyclopedia Dramatica. They found out that a person could access a blocked port by adding 65,536 to the port number. This vulnerability was also found in Arora, iCab, OmniWeb, and Stainless. Although Apple fixed the glitch for desktop versions of Safari in March, the company left the glitch unfixed in mobile versions of the browser. Goatse Security claimed that a hacker could exploit the mobile Safari flaw in order to gain access and cause harm to the Apple iPad.

In June 2010, Goatse Security uncovered a vulnerability within the AT&T website. AT&T was the only provider of 3G service for Apple's iPad in the United States at the time. When signing up for AT&T's 3G service from an iPad, AT&T retrieves the ICC-ID from the iPad's SIM card and associates it with the email address provided during sign-up. In order to ease the log-in process from the iPad, the AT&T website receives the SIM card's ICC-ID and pre-populates the email address field with the address provided during sign-up. Goatse Security realized that by sending a HTTP request with a valid ICC-ID embedded inside it to the AT&T website, the website would reveal the email address associated with that ICC-ID.

On June 5, 2010, Daniel Spitler, aka "JacksonBrown", began discussing this vulnerability and possible ways to exploit it, including phishing, on an IRC channel. Goatse Security constructed a PHP-based brute force script that would send HTTP requests with random ICC-IDs to the AT&T website until a legitimate ICC-ID is entered, which would return the email address corresponding to the ICC-ID. This script was dubbed the "iPad 3G Account Slurper."

Goatse Security then attempted to find an appropriate news source to disclose the leaked information, with Auernheimer attempting to contact News Corporation and Thomson Reuters executives, including Arthur Siskind, about AT&T's security problems. On June 6, 2010, Auernheimer sent emails with some of the ICC-IDs recovered in order to verify his claims. Chat logs from this period also reveal that attention and publicity may have been incentives for the group.