T-Mobile API user data exposed, the company said no evidence of access to the data

A T-Mobile API exposed client data from any client, and all you needed was a phe number, according to ZDNet. T-Mobile closed the API after it was reported by the company's bug program and stated that there was no evidence data was actually accessed.

In a statement, T-Mobile said:

researchers can alert us to vulnerabilities, which has happened here, and we support this type of respsible and coordinated disclosure. The bug has been fixed as so as possible and we have no proof that customer information has been csulted, "added the spokesman.

We have already traveled this road

Of course, T-Mobile said the same thing. a similar API a different subdomain that appeared in October 2017. Motherboard then reported that although T-Mobile stated that there was no evidence accessed , the data was accessible.

address, billing account number and tax identificati information (where relevant, eg businesses). Oh, and your PIN to ctact customer support, which could have allowed the bad guys to hack into your account. And, of course, users reuse PINs at least as often as they re-use passwords.

Do not reuse passwords or PINs. Do not do that. DO NOT

Also, change your T-Mobile password and make sure you never reuse passwords a site.

We will be happy to hear your thoughts

      Leave a Reply

      AppleiPhonestop - Apple iPhone News and Rumours All Day
      Enable registration in settings - general
      Compare items
      • Laptops (0)