Engadget: Hackers gain access to millions of T-Mobile customer details. “T-Mobile has fallen foul of yet another cybersecurity issue. In a statement released this week the company said that an unauthorized entry into its network may have given hackers access to customer records, including billing ZIP codes, phone numbers, email addresses and account numbers. According to T-Mobile, the intrusion was quickly shut down, and no financial data, social security numbers or passwords were compromised.”
ZDNet: T-Mobile bug let anyone see any customer’s account details. “A bug in T-Mobile’s website let anyone access the personal account details of any customer with just their cell phone number. The flaw, since fixed, could have been exploited by anyone who knew where to look — a little-known T-Mobile subdomain that staff use as a customer care portal to access the company’s internal tools. The subdomain — promotool.t-mobile.com, which can be easily found on search engines — contained a hidden API that would return T-Mobile customer data simply by adding the customer’s cell phone number to the end of the web address.”
Motherboard: ‘Critical’ T-Mobile Bug Allowed Hackers To Hijack Users’ Accounts. “Hackers could have hijacked and taken control of T-Mobile’s customer accounts thanks to a severe bug on the company’s website. The vulnerability was found and reported by a security researcher on December 19 of last year, but it hasn’t been revealed until now. Within a day, T-Mobile classified it as ‘critical,’ patched the bug, and gave the researcher a $5,000 reward. That’s good news, but it’s unclear how long the site was vulnerable and whether any malicious hackers found and exploited the bug before it was fixed.”
Motherboard: T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number. “Until last week, a bug on a T-Mobile website let hackers access personal data such as email address, a customer’s T-Mobile account number, and the phone’s IMSI, a standardized unique number that identifies subscribers. On Friday, a day after Motherboard asked T-Mobile about the issue, the company fixed the bug.”
EFF confirms it: yeah, T-Mobile is throttling video. “The first result of our test confirms that when Binge On is enabled, T-Mobile throttles all HTML5 video streams to around 1.5Mps, even when the phone is capable of downloading at higher speeds, and regardless of whether or not the video provider enrolled in Binge On. This is the case whether the video is being streamed or being downloaded—which means that T-Mobile is artificially reducing the download speeds of customers with Binge On enabled, even if they’re downloading the video to watch later.”
T-Mobile claims it isn’t throttling YouTube, it’s optimizing it. “T-Mobile has tried to downplay concerns this week by saying that its ‘optimizing’ YouTube, rather than ‘throttling’ the service and that ‘using the term “throttle” is misleading.’ A spokesperson told DSL Reports that ‘because video is optimized for mobile devices, streaming from these sites should be just as fast, if not faster than before.’ It’ll just look like crap. Bleah.
Net neutraladowhatnow? YouTube claims T-Mobile is throttling its video content. “T-Mobile declined to address YouTube’s complaint but no doubt this is something the FCC wants to take a look at. Recently the FCC had publicly stated that they wanted to speak to the likes of AT&T, T-Mobile, and Comcast about their free data programs. The FCC noted that this wasn’t an investigation, but rather they wanted to gather all the facts about it.”