T-Mobile Major Security Flaw: Bug May Have Exposed Customers' Personal Data

By Nathaniel Artosilla, Christian Post Contributor

The personal data of millions of customers could have been exposed to hackers after a flaw on the T-Mobile website was discovered. The bug was quickly fixed on Friday after the carrier was approached by a security reported.

In a report by Motherboard, millions of customers' data, including email addresses, phone's IMSI, and account numbers, might have been compromised by vulnerability on the carrier's website. While the vulnerability was discovered and quickly remedied, no one can say if any breach occurred.

With access to illegal technology, criminals can also use a person's IMSI to track their location or intercept calls, text messages, and metadata. The same method is currently being done by law enforcement track persons of interest.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

The security researcher who found the flaw, Karan Saini, said that hackers could have utilized the vulnerability to siphon over 76 million customer accounts. As is the case with neo-Nazi hacker Andrew Auernheimer or weev, who was imprisoned for essentially doing just that back in 2011. He classified it as "a very critical data breach" and can be used to create a searchable database of up-to-date information on its users.

T-Mobile offered Saini, who is also a founder of startup Secure7, $1,000 bug bounty as a reward when he discovered the vulnerability. However, despite Saini's report, the carrier had a different opinion on how the flaw might be abused by criminals. In a statement, the company refuted Saini's claims saying that only a small part of its customers was impacted by the bug.

"We were alerted to an issue that we investigated and fully resolved in less than 24 hours," the carrier said. "There is no indication that it was shared more broadly."

T-Mobile previously experienced data breaches after hackers targeted Experian, the company that processes their credit checks. As many as 15 million customers had their personal information stolen which included names, birth dates, addresses and Social Security and drivers' license numbers.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.

Most Popular

More Articles