Skip to main content

Weak passwords let a hacker access internal Sprint staff portal

posted onAugust 26, 2018
by l33tdawg
Tech Crunch
Credit: Tech Crunch

It’s not been a great week for cell carriers. EE was hit with two security bugs and T-Mobile admitted a data breach. Now, Sprint is the latest phone giant to admit a security lapse, TechCrunch has learned.

Using two sets of weak, easy-to-guess usernames and passwords, a security researcher accessed an internal Sprint staff portal. Because the portal’s log-in page didn’t use two-factor authentication, the researcher — who did not want to be named — navigated to pages that could have allowed access customer account data.

Sprint is the fourth largest US cell network with 55 million customers. TechCrunch passed on details and screenshots of the issue to Sprint, which confirmed the findings in an email.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th