Tag Archives: security

T-Mobile teams with Comcast and Inteliquent on first verified call across three networks

After teaming up earlier this year to verify calls made between their networks, T-Mobile and Comcast have partnered up again to protect consumers from spoofers and scammers. T-Mobile, Comcast, and Inteliquent have achieved the first end-to-end STIR/SHAKEN call verification across three networks. Now calls that are routed through Inteliquent and those made directly between T-Mobile and Comcast’s Xfinity Voice landline phone service can be verified as legitimate using the STIR and SHAKEN standards. STIR and SHAKEN … [read full article]

Samsung pushing update for Galaxy S10 and Note 10 devices that fixes fingerprint security issue

If you’re rocking a Galaxy S10 or Note 10 device, there’s an important update coming your way from Samsung. Samsung is now sending out a biometrics update to the Galaxy S10, S10+, S10 5G, Note 10, and Note 10+. It’s meant to patch a security issue discovered recently that allows any fingerprint to unlock your phone if you’re using certain third-party silicone screen protectors. Samsung explains that these screen protectors have a textured surface on the … [read full article]

T-Mobile NOPORT is a hidden setting that will help protect your account from SIM hijacking

SIM hijacking is a serious problem nowadays that involves hackers tricking a wireless carrier’s customer service into giving them control of your phone number, which they can then use for other nefarious things. Today it’s been revealed that T-Mobile has a secret tool to help combat this SIM swapping attack. A T-Mobile feature called NOPORT aims to make it much more difficult for someone to perform a SIM swap. As discovered by Motherboard, when NOPORT is … [read full article]

FCC Commissioner asks T-Mobile and other carriers for update on ending sales of location data

Following some security and prvacy issues related to U.S. carriers selling customer location data to third-parties, an FCC commissioner has reached out to the operators for more info on the situation. FCC Commissioner Jessica Rosenworcel has sent letters to AT&T, Sprint, T-Mobile, and Verizon for details on their efforts to end their agreements with location aggregators as well as what their previous agreements with these companies allowed. As noted by Motherboard, Commissioner Rosenworcel sent the … [read full article]

T-Mobile responds to location data scandal, says it’s ‘completely ending’ aggregator work

Days after a new report came out that show that T-Mobile and other carriers were selling customer location data that could easily be bought and used by bounty hunters to track a phone’s location, T-Mobile has said that it’s working to end that practice. T-Mobile said in a statement to The Verge that it has “blocked access to device location data for any request submitted by Zumigo.” In the report that came out earlier this … [read full article]

T-Mobile won’t sell location data to ‘shady middlemen’, says CEO John Legere

UPDATE: T-Mobile today sent me the following statement regarding this news: “We ended all transmission of customer data to Securus and are terminating our location aggregator agreements.”   ORIGINAL: Today several U.S. carriers committed to stop selling customer location data to brokers, and now T-Mobile CEO John Legere has chimed in on the matter. Legere has said that he’s “personally evaluated” the issue involving user location data, pledging that T-Mo “will not sell customer location data … [read full article]

T-Mobile website security flaw let anyone view customer account info

A couple of months after it was discovered that a vulnerability with the T-Mobile website allowed hackers to log into any customer’s account, another vulnerability with T-Mo’s site has been found. Security researcher Ryan Stevenson recently found that a T-Mobile subdomain would allow a person to access customer data just by entering their phone number. According to ZDNet, the subdomain was promotool.t-mobile.com and was primarily used by customer care, but it contained an API … [read full article]

T-Mobile US does not store customer passwords in plain text

This week, T-Mobile Austria admitted that it stores part of customer passwords in plain text. “The customer service agents see the first four characters of your password. We store the whole password, because you need it for the login for mein.t-mobile.at”, a T-Mo Austria rep explained. Many T-Mobile US customers are wondering if their carrier does the same thing, but T-Mo says that it does not. T-Mobile US tells me that it does not store passwords … [read full article]

Security bug with T-Mobile website let hackers access any customer’s account

T-Mobile has had some security issues lately, including port-in scams that allegedly led to one man having his cryptocurrency stolen, and now details on another recent problem have popped up. On December 19, security researcher Kane Gamble discovered a vulnerability with the T-Mobile website that would allow hackers to log into anyone’s account, reports Motherboard. The issue was reported to T-Mobile on the same day. When it learned of the bug, T-Mobile unsurprisingly classified it … [read full article]

T-Mobile hit with lawsuit for allegedly letting hackers port man’s phone number and take his cryptocurrency

Days after T-Mobile began sending texts to customers urging them to add port validation security to their accounts, news has come out that a man is suing T-Mobile over an issue related to porting. Carlos Tapang is suing T-Mobile for allegedly allowing strangers to port his phone number and then steal his Bitcoin. Tapang claims that on November 7, 2017, someone contacted T-Mobile to port his phone number to AT&T and that T-Mo did so, despite … [read full article]