12 Oct T-Mobile Website Bug Exposes Sensitive Customer Data
A security researcher recently discovered a flaw in on T-Mobile’s website that could have allowed hackers access to the personal data of its customers.
Karan Saini of startup Secure7 said that attackers could have exploited the bug to obtain email addresses, account numbers, and phone IMSI, just by using the subscriber’s phone number. He added that an attacker can easily scrape the data of all 76 million customers using a script, turning it into a very critical data breach had it happened.
T-Mobile however, said that the incident impacted only a small number of customers, and that the issue had promptly been investigated and fixed in less than 24 hours.
Source: Motherboard Vice