|
|
O2 suffer security breach | | 2008/07/21 | | MMS messages sent to mobile phone users who do not own a compatible phone - including the new iPhone 3G - have caused a security breach at O2.
The communications firm were forced to remove their web-based MMS viewing service after a significant amount of pictures sent by customers became accessible to anyone using a routine Google search.
Concerns were raised when customers' private phone numbers were readable at the top of each image sent in.
Speaking to vnunet.com, David Cawley - the man who discovered the flaw - said: "As these web pages were wide open to the internet, not requiring any authentication, a handful were indexed by Google.
"I was able to craft a Google search that results in some matches to show an example of how this is an insecure method of hosting."
Instead of receiving a photo, users were given a URL which enabled them to link through to a website showing the O2 customer's image because the website lacked any coded password protection or log-in feature.
The mistake is an embarrassment for O2 which presents itself as a market leader in the realm of online privacy through its Protect Our Children website but a full investigation has begun. |
ALL RELATED ARTICLESAll General news
| | | RECENT RELATED ARTICLES | | New initiative to get more women into IT - 2008/09/22 A new programme aimed at increasing the number of women working in IT has been launched. ... | | | | .info websites pose greatest 'hack' risk - 2008/09/16 Websites with a .info top level domain name (TDL) are the most likely to have been hacked, according to new research. ... | | | | Website monitoring is essential in the internet age - 2008/09/10 The internet can give companies a global reach, attracting customers to websites where they can find out information, interact and buy products online. Their place in the modern business ... | | | | Cloudmark warns email providers of insufficient website monitoring - 2008/09/09 As viruses, and the methods used to deploy them, continue to push back the boundaries of sophistication and abundance, carrier-grade messaging security firm Cloudmark has warned that ... | | | | LSE trading halted as system goes down - 2008/09/08 A day of heavy trading at the London Stock Exchange (LSE) following the nationalisation of Fannie Mae and Freddy Mac - America's two biggest mortgage lenders - had to be suspended earlier ... | | |
|
|
|
