Thursday, January 13, 2005

It's 10:00 pm, who has your messages?

Hacker Breaks Into T-Mobile Network

For those of you who use your cell phones for email, file transfer and sharing a variety of sensitive information but won't use a credit card on the Internet because you think some hacker will steal your card number and go shopping on your nickel or worse, SURPRISE! You've got it backwards.

A 21 year has been charged with breaking into T-Mobile's network and stealing the names, Social Security numbers, passwords for email and voice mail as well as reading email and computer files of 400 customers. The good news is that this is a tiny fraction of their 16.3 million customers in the US, credit card information was never revealed and all customers whose information was compromised have received written notice of the breach. Also, T-Mobile immediately took action to deny further access to their system.

A Secret Service agent who specializes in tracking hackers, and was investigating this break-in, also happened to be a T-Mobile customer and victim in this case. So if you were among the 400, you're in good company.

This is a good time for a reminder to change your passwords and be careful of what you send in an email. Email is not secure. There is no encryption in email, and anyone who has admin access to your account, steals your password or even has access to your computer can read your files. Also, slip and change one character in an email address, and you've just sent your message to a complete stranger. Let's not even discuss people who forward your messages without your consent.

The same problems apply to text messaging. One wrong keystroke will send your message to the wrong person. And who hasn't called a wrong number or heard a message on your voicemail that was meant for someone else?

On the other hand, T-Mobile kept their customers' credit card information secure. They deserve credit for keeping financial information away from this hacker. I have great respect for them, and they still deserve their customers' trust.

Please understand the difference between using online shopping and email. When ordering online, make sure that you are using a secure order form that will be submitted with encryption. The URL of the form should begin with https: The "s" means secure. Also, look for a closed padlock on the status bar when using Internet Explorer. When you see these, your information will be encrypted and transmitted in so many small packets that no hacker has yet found, decoded and reassembled anyone's credit card number or Social Security number.

Shopping online with reputable merchants is very safe. Sending sensitive information by email or discussing personal matters on your cell phone is not. Any questions? Leave a comment below.

No comments: