A spokesman for the comparison site said: “The personal details found included the names and addresses of the HTC customers in question together with the serial number and IMEI number of the mobile phone they own. If these details fell into the wrong hands then customers could become the victims of fraud such as phishing scams.
“The vulnerable web address were numbered sequentially and if each contained consumer information then over 25 million records could have been exposed. When we tested a sample of around 50 web addresses all contained data and around 30% contained personal details of individual customers.
“These details were available by typing a simple website address into any browser on any computer. The website address in question does not belong to HTC but to a third party contractor who carries out certain customer services on behalf of HTC.”
A member of staff at www.mobilesplease.co.uk added: "A malicious person with limited technical knowledge could have written a simple program in 30-60 minutes to harvest these records. Then they could do what they like with them."
www.mobilesplease.co.uk informed HTC of the problem and they claim HTC got their contractor to secure the website concerned.
HTC have not issued a statement regarding this allegation.
No comments:
Post a Comment