T-Mobile hacked, Secret Service documents compromised

Rather disturbing story in The Register:

A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor US Secret Service email, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned.

FURTHER THOUGHTS: I wonder to what extent other security agencies rely upon unencrypted transmissions over apparently insecure public networks? Then there's the whole question of the inherent insecurity of GSM, and the speculation that this was at the behest of its European government sponsors (the actual implementation of ordinary GSM encryption apparently being far below the protocol's potential). The successful tracking of al Qaeda members through their prepaid GSM SIM cards is a case in point, though it is unclear whether there is actually a built-in backdoor. I do know that the GSM protocol ranks users, with VIPs getting first crack at available bandwidth and regular subscribers getting priority over pay-as-you-go customers. Do the VIPs get their messages transmitted in more secure fashion, as well?

Posted by David on January 12, 2005 6:39 PM