T-Movile owned ?

[ByTeWrangler]

This was like a "are you kidding me moment"

The U.S. T-Mobile network predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band, making it the largest 1900 MHz network in the United States. Service is
available in 98 of the 100 largest markets and 268 million potential customers.

Like Checkpoint Tmobile has been owned for some time. We have everything, their databases, confidental documents, scripts and programs from their servers,
financial documents up to 2009.

We already contacted with their competitors and they didn't show interest in buying their data -probably because the mails got to the wrong people- so now we are
offering them for the highest bidder.

Please only serious offers, don't waste our time.

http://seclists.org/fulldisclosure/2009/Jun/0062.html

WOW ! i wonder what the CISO must have felt after reading that..

Btw, all you opera users, the site give's a fraud URL warning ..



I also found something over at Wikipedia :

In January 2005 it was revealed that a 21 year old cracker named Nicolas Jacobsen had been charged with intruding into T-Mobile's internal network[23]. Reports indicate that for about a year he had access to customer passwords, address books, Social Security numbers, birth dates, and Sidekick photos but not credit card numbers. He was also able to read customer e-mail including that of the US Secret Service. He was identified by a Secret Service informant as part of Operation Firewall who provided evidence that Jacobsen had attempted to sell customer information to others for identity theft. T-Mobile and the Secret Service did not elaborate on the methods Jacobsen used to gain access but sources close to the case indicated that an unpatched flaw in the Oracle WebLogic Server application software used by T-Mobile was the weakness he exploited[24]. Additional SQL injection vulnerabilities with their web site were reported by Jack Koziol of the InfoSec Institute[25].

An additional security flaw with their voice mail system passwordless login feature exposes the customer's voice mails to third-parties by way of Caller ID spoofing. T-Mobile recommends that this feature not be used but still offers it by default due to customer demand[26].

T-Mobile's policy of requiring prepaid phone customers using credit cards to provide the last four digits of their Social Security number has also been criticized.[27] Alternative methods of authentication such as the Card Security Code could be used instead.


http://en.wikipedia.org/wiki/T-Mobil...ecurity_issues



http://www.securityfocus.com/news/10271
http://www.wired.com/politics/securi.../2005/02/66735