O2 phone numbers leak just the start?

Experts warn that 2012 will see more data leaks

It appears as though Carrier IQ and the O2 phone numbers leak could well be just the start of a series of privacy infringements in 2012 that will hit the UK

In response to the O2 phone numbers leak a number of privacy and cyber security experts have come together to warn customers that this is not the last time their phones will be under threat.

Speaking at a forum which was held yesterday Stuart Coulsen, Director of data centres for security firm Secarma has warned that actually these data leaks have beeon going on fas far back as 2007.

“It seems that other networks now protect users against sharing your mobile number in this way but they do share an awful lot of information about the make and model of the phone you are using among other things.

“This information can be used legitimately to modify the site for different phones, for example, but it seems like an excessive amount of personal information to take only for this purpose.”

David Cook, a solicitor for Pannone has also expressed his concern over such large companies as O2 and HTC with the Carrier IQ software being allowed to share personal data.

“Things like this will become more and more commonplace this year. O2 is a big company and they must have tested this before. It really is terrifying.”

O2 has fixed the flaw which saw many O2 users give away their mobile phone numbers to websites when browsing through their smartphones.

As you can see via the above image, the problem has been rectified with O2 releasing a full statement explaining the problem and stating how long it had been going on.

"In between the 10th of January and 1400 Wednesday 25th of January, in addition to the usual trusted partners, there has been the potential for disclosure of customers’ mobile phone numbers to further website owners."

It appears as though the security flaw has been active for around two weeks, during this time some websites would have had access to O2 customer mobile numbers.

The flaw was disovered by Lewis Peckover, a system administrator for a mobile-gaming developer who found that when a user connects to the internet using their mobile phone, certain sites were able to see certain information about your handset including the number.

To test this out Mr Peckover set up an online script which anyone can use to test it out for themselves, T3 did so using an Apple iPhone 4 and found that indeed, if on O2, the mobile number was visible (see image above).

We've tested it on a number of other devices on other networks including a Nokia Lumia 800 on Orange and found that the number is hidden from view.

In talking to the BBC Mr Peckover has confirmed that it appears to depend on the device with feedback suggesting that while the problem is sporadic it does affect most users.

O2 were contacted to comment on the matter and have replied with this confirmation: "We're currently investigating this as our top priority - we'll update you as soon as we can. "

Are you on O2, have you tried it out yet? Let us know if you're one of those affected via the comments box below...

Tags