While a lot of attention has been paid to increasing mobile privacy and security in recent years, there may be a major hole in the protections for one well-known mobile provider.
Virgin Mobile USA may have a number of serious holes in its basic securities for its users, according to a report from Silicon Valley-based Web developer named
Kevin Burke. Essentially, the problem lies in the fact that any person who knows the phone number associated with someone's Virgin Mobile USA account can find out who they've been texting or calling, change the device associated with that phone number, change the physical address, email address, and password for that account, or buy a new device on that account.
Virgin Mobile's website uses a customer's phone number as their online username, and a six-digit number as their password, meaning there are only 1 million possible logins if a hacker gets that phone number, the report said. For this reason, it can be easy to code a "brute force" script that can crack that password relatively quickly.
Ondrej Krehel, chief information security officer for
Identity Theft 911, has a blog about dangers consumers face from hacking attacks.
© 2003-2012 IDentity Theft 911, LLC. All Rights Reserved