Joe UchillMay 24, 2018

T-Mobile flaw let anyone access user info with only a phone number

A San Francisco T-Mobile Store — A T-Mobile glitch left accounts exposed. Photo: Justin Sullivan / Getty

An exposed online interface for T-Mobile let anyone access user info knowing only a phone number.

The details: Researcher Ryan Stevenson notified T-Mobile of the bug in April, and the wireless carrier took down the problematic service the next day. The bug was first reported on by ZDNet.

Show less

Go deeper72 Words

Until it was taken down, T-Mobile had an active online tool for its computer programmers to connect its employees to the customer database, known as an API.
The API delivered information including address, PIN, account number and, on some accounts, tax identification number.
Researchers found a separate, similar T-Mobile bug in October.

A representative confirmed that T-Mobile investigated the flaw but found no sign any data had actually been stolen.

T-Mobile

Latest Stories

Latest Stories

Don McGahn responds to accusations against his credibility

The country's genius hubs are vacuuming up tech talent

WannaCry savior pleads guilty to helping distribute malware

Steve Jurvetson among Tesla board members to step down

Doctor treating Ebola victims killed during attack in Congo

Amazon, China and 'rebordering'

Top Democrats reject Barr's offer to view less-redacted Mueller report

Mitt Romney "sickened" by Mueller report revelations

How social media fuels migrant caravans

Axios Dashboard

Axios Future: Stubborn genius hubs — Amazon and 'rebordering' — Tigermania

At current crossroads, future of Palestinian movement is up for grabs

Axios PM: Rise of migrant caravans — Cool Mueller interactive — 1 person to know

Elizabeth Warren calls for Trump's impeachment

Man arrested, threatens to kill Cory Booker, Eric Swalwell and Rashida Tlaib

Explore a detailed view of the Mueller report

GOP congressman hires former WH aide with white nationalist ties

Hurricane Michael gets upgraded to a Category 5 storm

What we're driving: 2019 BMW X7

Zipcar gets ready for AV rentals

T-Mobile flaw let anyone access user info with only a phone number

Latest Stories

Latest Stories

Don McGahn responds to accusations against his credibility

The country's genius hubs are vacuuming up tech talent

WannaCry savior pleads guilty to helping distribute malware

Steve Jurvetson among Tesla board members to step down

Doctor treating Ebola victims killed during attack in Congo

Amazon, China and 'rebordering'

Top Democrats reject Barr's offer to view less-redacted Mueller report

Mitt Romney "sickened" by Mueller report revelations

How social media fuels migrant caravans

Axios Dashboard

Axios Future: Stubborn genius hubs — Amazon and 'rebordering' — Tigermania

At current crossroads, future of Palestinian movement is up for grabs

Axios PM: Rise of migrant caravans — Cool Mueller interactive — 1 person to know

Elizabeth Warren calls for Trump's impeachment

Man arrested, threatens to kill Cory Booker, Eric Swalwell and Rashida Tlaib

Explore a detailed view of the Mueller report

GOP congressman hires former WH aide with white nationalist ties

Hurricane Michael gets upgraded to a Category 5 storm

What we're driving: 2019 BMW X7

Zipcar gets ready for AV rentals

Don't miss key coverage on the aftermath of the Mueller report. Subscribe to Axios AM.

T-Mobile flaw let anyone access user info with only a phone number