Protecting information is a central priority for most successful companies, but one cell phone provider has made a giant security faux pas that could potentially affect their customers for years to come.
According to Vice, the personal information of more than 10 million MetroPCS subscribers was recently exposed to hackers due to a security flaw in the company’s payment processing page.
A substantial oversight by MetroPCS made it possible for criminals to access any customer’s home address, phone serial number, and type of plan being used. The bug enabled hackers to simply run an automated script of random phone numbers until they gained access to some — if not all — of MetroPCS’s customer information.
Independent security researchers Eric Taylor and Blake Welsh discovered the flaw by accident and immediately reported it to T-Mobile, who is the parent company of MetroPCS. While they say the bug is now fixed, there is no telling how many customers were left vulnerable as a result of the data breach.
“It’s a pretty nasty bug,” said HD Moore, a well-known security researcher who reviewed Taylor’s research. “It seems like a serious privacy exposure.”
Major companies invest large amounts of time and resources into securing both their own sensitive information as well as the personal information of customers, so a data breach of this magnitude is hard to fathom.
To prevent these security breaches, industry experts suggest outsourcing information technology services. This enables large companies like T-Mobile to focus on their daily operations while data security is handled by IT professionals with developed techniques to thwart hackers.
“IT departments are short on time and security tools and are under more threat than ever before,” says Jeff Conaty, President of the Cloud Security Division at Highstreet IT Solutions. “Managed Security-as-a-Service solutions that integrate innovative security technology, human analytics, and responsive communication deliver the highest-quality security outcome for companies with security concerns.”
When it comes to data breaches, even state governments can be guilty of failing to address security flaws. According to local North Carolina news affiliate WRAL, the North Carolina Department of Health and Human Services recently revealed that a Medicaid staffer sent unencrypted emails to local health departments containing sensitive patient information.
The content of the emails, which is required to be encrypted under several federal privacy acts, contained the Social Security numbers of several patients, in addition to their names, addresses, and insurance information.
While Medicaid was quick to notice its own mistake, consumers may be wary of phone contracts after a large corporation like T-Mobile experienced such an elementary data breach. The cell phone company has declined further comment on the story.
$3 iphone protection plan, 1.866 862.3397, 2017 metropcs wireless figured out rebate, 2019 metro pcs phones, 4 for 100 metro, 4 free phones metro, 4 line for 100 pc metro, 40 dollar plan metropcs, 5g phones metro by t mobile, 8 digit metro pcs security code, access metro pcs account, access wireless sign in, account management website web guard, account t mobile com access, add minutes to metro pcs phone, add mobile hotspot data metropcs, add top up data metropcs, adding a 3rd line to metro pcs, all metro pcs phones ever made, aseguranza metropcs, best metro by t mobile phones.