Tag Archives: security flaw

Apple website security flaw exposed account PINs of T-Mobile customers

It looks like T-Mobile isn’t the only company to have a major security issue recently. A security flaw with Apple’s online store exposed the account PINs of T-Mobile customers. That’s according to a report from BuzzFeed News, who says that a separate flaw with phone insurance company Asurion’s website exposed the passcodes of AT&T customers. The flaws were found by security researchers Phobia and Nicholas “Convict” Ceraolo and were patched by Apple and Asurion when … [read full article]

T-Mobile experienced a data breach on August 20th

UPDATE: T-Mobile has told Motherboard that the breach affected around 3 percent of its 77 million customers — around 2.3 million people — and that that the hackers were part of an “international group”. UPDATE 2: T-Mobile has confirmed that “encrypted passwords” were part of the data compromised by the hackers. Security researchers speaking to Motherboard say that the algorithm used for these passwords may be weak, and password expert Jeremi M. Gosney adds that customers … [read full article]

T-Mobile website security flaw let anyone view customer account info

A couple of months after it was discovered that a vulnerability with the T-Mobile website allowed hackers to log into any customer’s account, another vulnerability with T-Mo’s site has been found. Security researcher Ryan Stevenson recently found that a T-Mobile subdomain would allow a person to access customer data just by entering their phone number. According to ZDNet, the subdomain was promotool.t-mobile.com and was primarily used by customer care, but it contained an API … [read full article]

MetroPCS customer info made vulnerable to hackers by website security flaw

At the start of October, it was announced that Experian had suffered a data breach that exposed the personal data of 15 million people who had applied for T-Mobile service. Now it’s been revealed that T-Mobile prepaid brand MetroPCS was recently involved in a security issue of its own. Two security researchers recently discovered a bug with the payment page on MetroPCS’s website that could … [read full article]