Bug Exposed T-Mobile Data With Just a Phone Number

Share
Bug Exposed T-Mobile Data With Just a Phone Number

Until recently, a bug on a T-Mobile website gave hackers access to personal details relating to wireless subscriber accounts. Saini notes that T-Mobile offered him a $1,000 reward as part of its bug bounty program.

Though the information revealed by this vulnerability may not have been as sensitive as things like addresses and social security numbers, Motherboard notes that the information that was compromised could be enough to carry out social engineering attacks like phishing. They apparently used the stolen information obtained via the hack to trick T-Mobile employees into handing over new SIM cards and hijack phone numbers by impersonating the rightful owners of the line.

"T-Mobile has 76 million customers, and an attacker could have ran a script to scrape the data (email, name, billing account number, IMSI number, other numbers under the same account which are usually family members) from all 76 million of these customers to create a searchable database with accurate and up-to-date information of all users."

So, even though the vulnerability has been patched, it sounds like subscribers should still be wary of anyone contacting them claiming to be a representative for the company. T-Mobile said that the issue affected only a small number of its customers, so perhaps the worst case scenario laid down by Saini wasn't realized.

T-Mobile said in a statement that "we were alerted to an issue that we investigated and fully resolved in less than 24 hours".

With Equifax data breach still lurking in everyone's mind and Accenture's irresponsible security protections only having come to light this week, this is yet another potential mega breach, where hackers didn't even need to breach into T-Mobile's network as everything was available to them thanks to a security bug.

"We have confirmed that we have shut down all known ways to exploit it", T-Mobile said.

Yesterday, however, an anonymous hacker informed Motherboard that hackers had been exploiting the T-Mobile glitch for quite some time.

Share

Advertisement

Related Posts

Drug Companies in Calif. Will Answer to New Price Regulating Law
Health plans must provide detailed information about prescription drug costs and the portion of premiums related to this expense. He works as an Online Marketing Consultant providing web marketing services for attorney SEO firms.

Mizuho Initiates Coverage on ONEOK, Inc. (OKE) Setting A Rating Of "Neutral"
America First Invest Advsr Limited Liability has invested 0.02% of its portfolio in ONEOK, Inc . (NASDAQ:QCOM). RBC Capital Markets initiated it with "Sector Perform" rating and $35 target in Monday, March 28 report.

Seth MacFarlane says Oscars dig was meant to shame Weinstein
MacFarlane adds: "There is nothing more abhorrent and indefensible than abuse of power such as this". A spokesperson for Weinstein has since released a statement denying the claims made against him.

Mr Robot season 3 arrives this week
In the Season 3 premiere, Elliot gets woke and realizes that his mission needs help from Angela. We got an exclusive preview of the third season of Mr Robot and it is promising.

Harvey Weinstein admits to groping model on police recording
In the wake of the report, Vance, who is running for his third term in October, returned the donation. They're also shaking up the New York City criminal justice system.

Barclays Remains a Buy on First Data Corp
The share price of First Data Corporation (NYSE: FDC ) was down -0.50% during the last trading session, with a day high of 0.00. Clinton Group Inc. lowered its stake in First Data Corp (NYSE: FDC ) by 4.3% during the first quarter, Holdings Channel reports.

Getting to know the best stock in today's market: Ball Corporation (BLL)
The investment professionals in our partner's database reported: 585.36 million shares, up from 145.14 million shares in 2017Q1. The Company's packaging products are produced for a range of end uses and are manufactured in facilities around the world.

University of Hawaii Sent Students An Alarming Email About Nuclear War
Despite the national attention, the email didn't generate a large number of complaints from students or faculty, Meisenzahl said. The email then told recipients to be aware of emergency sirens and to follow instructions on " sheltering in place ".

Caesars Entertainment Corporation (CZR) has its outstanding shares of 152.56 Million
The stock now shows its YTD ( Year to Date ) performance of 48.82 percent, whereas its Weekly performance stands at -5.24%. COPYRIGHT VIOLATION NOTICE: This article was originally posted by Week Herald and is the sole property of of Week Herald.

Notable Stock Analysts Ratings Southwestern Energy Company (SWN)
The energy company reported $0.08 earnings per share for the quarter, missing the Zacks' consensus estimate of $0.16 by ($0.08). Noble Energy Inc. has $60 highest and $3.50 lowest target. $41.38's average target is 50.25% above currents $27.54 stock price.

© 2015 ExpressNewsline. All Rights reserved.