If someone wants to steal your phone number -- say, to intercept the two-factor authentication SMSes needed to break into your bank account or other vital service -- they hijack your SIM by impersonating you to your phone company (or by bribing someone at the company to reassign your phone number to them), and this has made the security of phone numbers into a top concern for security experts and telcoms companies, as there are millions of dollars at stake.
Enter Comcast, all-time champion "most-hated company in America," whose Xfinity Mobile cellular service assigns the same unchangeable PIN to every customer: 0000.
But don't worry, Comcast says that this only puts you at risk if you recycle user-names and passwords, and nobody does that.
Because of that 0000 PIN, getting a victim's Xfinity Mobile account number was the main obstacle for attackers. A Comcast spokesperson told Ars that this account number is available only by logging into the Xfinity Mobile Web portal and is therefore protected by a Comcast's user's password. Comcast told Ars that it does not send out paper bills for Xfinity Mobile and does not include that account number in emails to customers, cutting off two potential ways that attackers could get the account number.
Comcast indicated that the number-porting attack affected only customers who reused passwords across multiple sites.
Comcast set mobile pins to “0000,” helping attackers steal phone numbers [Jon Brodkin/Ars Technica]
(Image: Specious, CC-BY-SA)
First American Financial Corp is a Fortune 500 company that insures titles on peoples' property; their insecure website exposed 885,000,000 records for property titles, going back 16 years, including bank accounts (with scanned statements), Social Security numbers, wire transaction receipts, scanned drivers' licenses, tax records, mortgage records, etc -- when notified of the error, the […]
Hackers have breached Perceptics, which sells border security technology and license plate reader systems and the like to governments and other entities. The U.S. government uses their readers, including along the US-Mexico border.
Every year, the Electronic Frontier Foundation presents its Pioneer Awards (previously); now renamed the Barlow Award in honor of EFF co-founder John Perry Barlow, who died last year.
Need to upgrade your sound? Bluetooth technology has never been better, but that’s not the only reason to look into a new set of speakers or headphones. We found ten pieces of audio gear that are already on sale, and you can take an additional 15% off the final price for Memorial Day weekend by […]
Trying to earn a promotion? Memorial Day weekend might be a good place to start. There are tons of e-learning packages that can help you build professional skills a lot quicker (and cheaper) than any technical academy. Whether you want to earn IT certifications, learn to code, become a designer, or anything else, these comprehensive […]
If you’re into tools or gadgets, Memorial Day weekend is your Christmas. Take an extra 15% off the final price of these DIY accessories – all of which are already on sale – by entering the promo code WEEKEND15. LUXJET Universal 24-in-1 Magnetic Screwdriver Set & Repair Kit This small but sturdy kit won the […]