BestMVNO may earn a commission if you click on a link leading to another website. Learn More

Coding Error On MetroPCS Website Potentially Exposes Sensitive Information of 10 Million+ Customers

MetroPCS Data Breach

By Joe Paonessa – Nov 16, 2015
Did you know BestMVNO is available to follow for free in Google News? Follow BestMVNO in your Google News app and keep up to date on wireless.
Follow BestMVNO In Google News



More than 10 million MetroPCS customers had their personally identifiable information put at risk by a coding error on the companies website, although to obtain the information one would have to know the phone number of a MetroPCS customer.

Armed with a subscribers phone number a potential hacker would have been able to gain access to the subscribers home address, the plan they subscribed to and their phone model and serial number. Even without a customers phone number, the information could have been obtained by someone with a little bit of coding knowledge to write an automated script to harvest the data.

With the above data a hacker would have been able to use social engineering to potentially obtain even more sensitive information such as a bank account or email account.

The bug was reportedly found by security researchers Eric Taylor and Blake Welsh in mid October and has since been fixed.  MetroPCS does not believe that any subscriber data has been compromised.  Still this has to be embarrassing for the company, given that it is owned by T-Mobile which had a big customer data breach of its own to deal with just several weeks ago.


Be sure to follow BestMVNO on Twitter for additional wireless coverage, deals, insights, and even debates!
Follow @BestMVNO Twitter



guest
0 Comments
Inline Feedbacks
View all comments