Carrier can't stop hackers stealing customer info

AT&T is booting "celebrity hacker" Kevin Mitnick off its cellular service. Mitnick's account is a target for script kiddies who think that hacking in and posting his personal details to the web is like winning a boxing match with both the Klitschko brothers at once.

While turfing him out cures a headache, it does reveal that AT&T is unable to secure its users' personal information.

"They can't seem to secure my account," Mitnick told The Register. "And then instead of doing something about it, they try to kill the messenger and want to boot me off their network when all I want them to do is to secure my account so no one gets access to my phone records."

Mitnick said the cellular account has been repeatedly breached over the years, despite a wide range of countermeasures he's followed to prevent the attacks. In recent years, he's committed the password to memory and has deliberately not shared it with anyone or kept it stored on a computer. ...

"There are so many ways into these networks," he said. "They have to take some responsibility, not just silence the people that are filing complaints."

AT&T is looking into whether it encrypts passwords. It isn't quite sure.

Besieged by attacks, AT&T dumps celebrity hacker [Reg]

Published by Rob Beschizza

Follow Rob @beschizza on Twitter.

Join the Conversation

4 Comments

  1. AT&T is looking into whether it encrypts passwords. It isn’t quite sure.

    It does. Single DES, brutable in 30 seconds or less with a modern botnet.

  2. @O_M: The ban expired a while back.

    I strongly suspect that this is just AT&T being fuckwitted; but I can’t quite banish the notion that some stodgy and besuited tool of the man is rubbing his hands together and laughing “See how you like it, Mitnick!”

  3. ” In recent years, he’s committed the password to memory and has deliberately not shared it with anyone or kept it stored on a computer. …”

    OMG what a GREAT idea!!!…..

Leave a comment

Your email address will not be published. Required fields are marked *