Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

True Wireless CPNI breach


  • Please log in to reply
1 reply to this topic

#1 Trikein

Trikein

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:11:02 PM

Posted 16 January 2017 - 06:13 PM

While helping a friend with True Wireless troubleshoot a cell phone issue, I tried to sign into their customer portal. Turns out online access is not setup until the user first logs in and sets a password. The problem is all it requires is the phone number and the service zip code to gain access. The reason this is so worrisome is True Wireless is a provider for free cellular service for disabled people. Most of these people don't use the customer portal, so many account are probably in this insecure open access state.

 

The portal include customer's name, address, and all inbound and outbound calls in clear .csv format. Is this typical for small providers? IMO it is a breach of FCC CPNI rules. Before I filed a complaint, I wanted other people's opinion. Also, I wanted to warn others that may use them as a provider.



BC AdBot (Login to Remove)

 


m

#2 Trikein

Trikein
  • Topic Starter

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:11:02 PM

Posted 18 January 2017 - 05:01 PM

:(

4f20e47a8bbf8e14ed477a89dd75f9f1cc1d8a2c






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users