O2 data breach potentially shares your cellphone number with the world

There's an alarming rumor circulating that suggests that UK network O2 forwards your phone number to any website visited on a smartphone. Lewis Peckover built a site that displays the header data sent to sites you visit, finding a network-specific field called "x-up-calling-line-id" which displayed his number. Angry users who tested the site have flooded the company's official Twitter, which is currently responding with:

"Security is our top most priority, we're investigating this at the moment & will come back with more info as soon as we can."

The Next Web confirmed that Orange, T-Mobile and Vodafone numbers are unaffected by the issue, but GiffGaff and Tesco Mobile (both MVNOs that operate on the same network) do. TNW's sources say it's most likely an internal testing setup, while Mr. Peckover suggests it's because the network transparently proxies HTTP traffic, using the number as a UID.

Update: We received confirmation from O2, who said that it was "investigating with internal teams and it's our top priority." Slashgear and Think Broadband were unable to replicate the problem, but in our tests (pictured) it was sharing our data with the site.

O2 data breach potentially shares your cellphone number with the world originally appeared on Engadget on Wed, 25 Jan 2012 04:54:00 EDT. Please see our terms for use of feeds.

Permalink The Next Web  |  Lewis Peckover  | Email this | Comments

Source: http://www.engadget.com/2012/01/25/o2-data-breach/

costumes seth macfarlane bobby flay clemson football the new girl miami hurricanes football miami hurricanes football