Searching for smart, safe news you can TRUST?
Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Twin Cities
Tampa Bay news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa Bay
Charlotte news in your inbox
Catch up on the most important stories affecting your hometown with Axios Charlotte
A T-Mobile glitch left accounts exposed. Photo: Justin Sullivan / Getty
An exposed online interface for T-Mobile let anyone access user info knowing only a phone number.
The details: Researcher Ryan Stevenson notified T-Mobile of the bug in April, and the wireless carrier took down the problematic service the next day. The bug was first reported on by ZDNet.
- Until it was taken down, T-Mobile had an active online tool for its computer programmers to connect its employees to the customer database, known as an API.
- The API delivered information including address, PIN, account number and, on some accounts, tax identification number.
- Researchers found a separate, similar T-Mobile bug in October.
A representative confirmed that T-Mobile investigated the flaw but found no sign any data had actually been stolen.