Sci-tech

Bug reportedly exposed T-Mobile customers' personal data

Bug reportedly exposed T-Mobile customers' personal data”

For T-Mobile, the dire example set by the credit agency apparently wasn't enough, as a huge bug in the company's website allowed hackers to obtain a wealth of personal data on any customer as long as they had access to their phone number.

Security researcher Karan Saini, founder of startup Secure7, discovered the flaw last week and informed T-Mobile about it. T-Mobile quickly patched the bug and offered Saini a $1,000 bug bounty.

However unlikely - and with access to illegal (yet surprisingly easy to homebrew) tech, a criminal could potentially use a person's IMSI number to track their location or intercept calls, text messages, and metadata. However, T-Mobile also contradicted Saini's initial findings, noting that only a small portion of its subscribers, rather than the entirety of T-Mobile's customer base. In response to the original Motherboard report, a blackhat hacker contacted the publication revealing that the bug was known and exploited for "quite a while".

Saini told Motherboard that an attacker could leverage the vulnerability by writing a script to siphon data from T-Mobile's 76 million customer accounts to create a searchable database of up-to-date information on its users. "We were alerted to an issue that we investigated and fully resolved in less than 24 hours", said T-Mobile in a statement to Motherboard. It seems that we don't know just how many customers were affected by this vulnerability, so if T-Mobile talks about it any further, we'll be sure to let you know. "As of this time we've found no evidence of customer accounts affected as a result of this vulnerability".

However, this claim has been disputed by anonymous hacker, telling Motherboard that "a bunch of SIM swapping skids had the [vulnerability] and used it for quite a while". "That would effectively be classified as a very critical data breach, making every T-mobile cell phone owner a victim", he told Motherboard.



Like this

Latest


12 October 2017
SeaWorld Entertainment, Inc. (SEAS)
Another trade for 19.45 million shares valued at $447.40M was made by Blackstone Holdings III L.P. on Monday, May 8. The company has its outstanding shares of 96.87M. 136,912 were reported by Employees Retirement Systems Of Ohio.

12 October 2017
Broker Changes For General Electric Company (NYSE:GE)
Welch & Forbes Ltd Liability holds 1.44% of its portfolio in General Electric Company (NYSE:GE) for 1.91 million shares. Parametrica Management Ltd purchased a new stake in shares of General Electric during the 1st quarter worth $214,000.

12 October 2017
Former NFL CB Tracy Porter arrested on assault and drugs charges
According to WWLTV.com , "The police officer taking the report noted that the woman had fresh bruises consistent with her story". Porter faces marijuana possession and battery of a dating partner charges, according to the East Baton Rouge Sheriff's Office.

12 October 2017
Trudeau still bullish on NAFTA, but admits Canada is 'ready for anything'
Mr Trudeau said he "highlighted to the president how much we disagree vehemently" on the decision to impose anti-dumping duties. Trudeau and his wife, Sophie Grégoire Trudeau, were greeted by the Trumps at the South Portico at the start of their visit.

12 October 2017
Alaska Air Group, Inc
With 462,500 avg volume, 1 days are for Parkway Properties Incorporated (NYSE:PKY)'s short sellers to cover PKY's short positions. State Bank Of Montreal Can invested 0.03% of its portfolio in Alaska Air Group, Inc. (NYSE:ALK) for 12,125 shares.

12 October 2017
Pelicans' Rajon Rondo Out 4-6 Weeks With Sports Hernia
Rondo, 31, is entering his 11th National Basketball Association season since being selected in the first round of the 2004 draft. Meaning, the Pelicans starting backcourt this season will look "exactly" like it did at the start of last season.

12 October 2017
Man Charged With Attempted Murder For Pushing Stranger Onto CTA Tracks
Someone posted $20,000, or the requisite 10 percent needed to go free, on Tuesday, according to a sheriff's office spokeswoman. According to the Tribune , Benedict said he and his attacker were the only ones on the platform when the man pushed him.

12 October 2017
Mr. Robot - Whiterose Quotes Groucho Marx About "Fear of the Thorn"
Boardwalk Empire actor Bobby Cannavale joined the series as Irving, his character is only described as a "used vehicle salesman". Robotis wasting no time getting into the thick of one of the show's most intriguing mysteries.

12 October 2017
Pizza Hut's New Delivery Bags Keep Your Pizza So Much Hotter
How? With a pouch made of high-tech insulation and a "re-engineered pizza box". The company spent more than 2 years developing the technology.

12 October 2017
Two People Dead, Several Trapped as 4-Story Building Collapses in Kisii
The National Disaster Management Unit Communications Officer Pius Maasai said 30 more people had been trapped in the debris. Four people were pulled from the rubble as rescue operations hit top gear to remove several others trapped in the rubble.



Recommended