Tag Archives: security

T-Mobile NOPORT is a hidden setting that will help protect your account from SIM hijacking

SIM hijacking is a serious problem nowadays that involves hackers tricking a wireless carrier’s customer service into giving them control of your phone number, which they can then use for other nefarious things. Today it’s been revealed that T-Mobile has a secret tool to help combat this SIM swapping attack. A T-Mobile feature called NOPORT aims to make it much more difficult for someone to perform a SIM swap. As discovered by Motherboard, when NOPORT is … [read full article]

FCC Commissioner asks T-Mobile and other carriers for update on ending sales of location data

Following some security and prvacy issues related to U.S. carriers selling customer location data to third-parties, an FCC commissioner has reached out to the operators for more info on the situation. FCC Commissioner Jessica Rosenworcel has sent letters to AT&T, Sprint, T-Mobile, and Verizon for details on their efforts to end their agreements with location aggregators as well as what their previous agreements with these companies allowed. As noted by Motherboard, Commissioner Rosenworcel sent the … [read full article]

T-Mobile responds to location data scandal, says it’s ‘completely ending’ aggregator work

Days after a new report came out that show that T-Mobile and other carriers were selling customer location data that could easily be bought and used by bounty hunters to track a phone’s location, T-Mobile has said that it’s working to end that practice. T-Mobile said in a statement to The Verge that it has “blocked access to device location data for any request submitted by Zumigo.” In the report that came out earlier this … [read full article]

T-Mobile won’t sell location data to ‘shady middlemen’, says CEO John Legere

UPDATE: T-Mobile today sent me the following statement regarding this news: “We ended all transmission of customer data to Securus and are terminating our location aggregator agreements.”   ORIGINAL: Today several U.S. carriers committed to stop selling customer location data to brokers, and now T-Mobile CEO John Legere has chimed in on the matter. Legere has said that he’s “personally evaluated” the issue involving user location data, pledging that T-Mo “will not sell customer location data … [read full article]

T-Mobile website security flaw let anyone view customer account info

A couple of months after it was discovered that a vulnerability with the T-Mobile website allowed hackers to log into any customer’s account, another vulnerability with T-Mo’s site has been found. Security researcher Ryan Stevenson recently found that a T-Mobile subdomain would allow a person to access customer data just by entering their phone number. According to ZDNet, the subdomain was promotool.t-mobile.com and was primarily used by customer care, but it contained an API … [read full article]

T-Mobile US does not store customer passwords in plain text

This week, T-Mobile Austria admitted that it stores part of customer passwords in plain text. “The customer service agents see the first four characters of your password. We store the whole password, because you need it for the login for mein.t-mobile.at”, a T-Mo Austria rep explained. Many T-Mobile US customers are wondering if their carrier does the same thing, but T-Mo says that it does not. T-Mobile US tells me that it does not store passwords … [read full article]

Security bug with T-Mobile website let hackers access any customer’s account

T-Mobile has had some security issues lately, including port-in scams that allegedly led to one man having his cryptocurrency stolen, and now details on another recent problem have popped up. On December 19, security researcher Kane Gamble discovered a vulnerability with the T-Mobile website that would allow hackers to log into anyone’s account, reports Motherboard. The issue was reported to T-Mobile on the same day. When it learned of the bug, T-Mobile unsurprisingly classified it … [read full article]

T-Mobile hit with lawsuit for allegedly letting hackers port man’s phone number and take his cryptocurrency

Days after T-Mobile began sending texts to customers urging them to add port validation security to their accounts, news has come out that a man is suing T-Mobile over an issue related to porting. Carlos Tapang is suing T-Mobile for allegedly allowing strangers to port his phone number and then steal his Bitcoin. Tapang claims that on November 7, 2017, someone contacted T-Mobile to port his phone number to AT&T and that T-Mo did so, despite … [read full article]

MetroPCS customer info made vulnerable to hackers by website security flaw

At the start of October, it was announced that Experian had suffered a data breach that exposed the personal data of 15 million people who had applied for T-Mobile service. Now it’s been revealed that T-Mobile prepaid brand MetroPCS was recently involved in a security issue of its own. Two security researchers recently discovered a bug with the payment page on MetroPCS’s website that could … [read full article]

T-Mobile quietly upgrading its network with more secure encryption

Following Edward Snowden’s now-infamous report outing the NSA and its excessive monitoring of people’s communication, there’s been a real effort by companies everywhere to sure up their security. Whether it’s Apple’s locally-stored Touch ID, or recent Pay service, Samsung’s Knox, or BlackBerry’s recent push to upgrade its own security; more is being done to ensure you cannot be tracked in an invasive manner. T-Mobile is quietly doing its bit too. Washington Post reports … [read full article]