Slashdot Mirror

← Back to Stories (view on slashdot.org)

O2 Fixes 'Accidental' Leak of Phone Numbers

Posted by timothy on from the take-this-leak-and-shove-it dept.

judgecorp writes "British mobile operator O2 says it has stopped sharing users phone numbers with all websites, and says the breach was an accident. Yesterday, users found that the operator was automatically passing their mobile numbers to any site they visited, while using O2's mobile network,"

13 of 42 comments (clear)

  1. Trusted partners? by daveewart · · Score: 5, Informative

    I see they keep banging on about "trusted" partners. Trusted by whom? That's the point which they seem to be missing... Certainly not "trusted by O2 customers".

    --
    "If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
    1. Re:Trusted partners? by biodata · · Score: 3, Insightful

      Does trusted partners include every internet link and server between them and their trusted partners? The main problem seems to be that they are sharing people's private information in an insecure, unencrypted format (plain text), using an insecure, unencrypted mechanism (http headers) with the internet at large. Isn't this a dereliction of their duty to protect the privacy of their customers' information?

      --
      Korma: Good
  2. Second link is wrong by piripiri · · Score: 2

    Second link is wrong. It should be: http://www.techweekeurope.co.uk/news/o2s-customer-phone-number-leakage-a-cock-up-56263.

  3. Script for checking by Inda · · Score: 2

    I got this link from the BBC News site. It just displays the headers (something most of us could do, I know):

    http://lew.io/headers.php

    My number did not appear. I'm on Tesco, who are a reseller for O2.

    --
    This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    1. Re:Script for checking by jo_ham · · Score: 2

      Like they said - it (was) used for convenience with sites they were linked with, like O2 tickets and ringtone sites within their portal. There's nothing inherently Machiavellian about this, but I suppose it is the slashdot modus operandi to assume that companies can't do anything *but* be evil.

    2. Re:Script for checking by viperidaenz · · Score: 2

      You'll find most ISP's run transparent caching proxies. The benefit to customers is decreased page load time, the benefit to the ISP is decreased bandwidth.

  4. Re:me.surprise==0 by Sockatume · · Score: 2

    O2 belongs to Telefonica these days.

    --
    No kidding!!! What do you say at this point?
  5. Privacy is like virginity by aglider · · Score: 2

    Once you've lost it, it's gone forever.
    Unless you change something really ... low level.
    Like the phone number.

    --
    Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
  6. They cocked up but... by iB1 · · Score: 2

    O2 screwed up by making what appears to be a school-boy error. However, after they were notified of the fault, they admitted blame, fixed it quickly and told everyone what happened. It would have obviously been preferable if this leak hadn't happened in the first place, but I can't blame them for how they handled it.

  7. Re:O2 "Fixes" ? by jo_ham · · Score: 3, Insightful

    "Caught red handed"

    What do you mean? It was a mistake that started on January 12th and was corrected when it was noticed, yesterday.

    You make it sound like this was some secret, evil scheme.

  8. Gotta love those quote marks by Burb · · Score: 2

    Compare:
    O2 Fixes 'Accidental' Leak of Phone Numbers
    vs
    O2 Fixes Accidental Leak of Phone Numbers

    --

    1. Re:Gotta love those quote marks by jo_ham · · Score: 2

      It's to be expected for the standard slashdot groupthink - didn't you get the memo? Anything a company does, without exception, has a secret, ulterior motive designed to crush the common man, hurt open source, and destroy privacy.

      It's simply not possible for a company to ever do anything accidental. This was clearly O2's plan all along and they've been "caught" trying to be evil. Score one for the little guy!

      DISCLAIMER: The above comments might be facetious. YMMV.

  9. Re:Who's lying/incorrect? by IAmGarethAdams · · Score: 2

    The paper from two years ago mentions the problem in relation to

    the U.K.'s Orange and Canada's Rogers Wireless

    and not in relation to O2. Had they been involved 2 years ago, I would have expected them to be named in that original paper.