cancel
Showing results for 
Search instead for 
Did you mean: 

Voicemail hacking.

perksie
Level 69: Guiding Light
  • 27019 Posts
  • 247 Topics
  • 1614 Solutions
Registered:

I was watching the BBC News today and they have been listening to a tape in a court case describing how a private investigator was able to phone O2 with a false name but the correct password (no idea how he got that) in order to succesfully get the pin to someone's voicemail reset to the default, so they could then play back and listen to their messages.

 

It's a pity they were allowed to continue without having the account holder's correct name, but I gather the thief had a very good line of chat.

 

I agree this is a difficult area and how they obtained the account password is unknown.

It goes to show that we really cannot be too careful with how we store our passwords and who might be able to gain access to them.

I use a password manager to store all mine under a master password that only I know.

 

There are quite a few apps and programs out there that can take care of this and I use LastPass on my pc and Colornote on my phone which seem to do the job well enough.

 

 

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1
Message 1 of 15
3,539 Views
14 REPLIES 14

aldaweb
Level 26: Upbeat
  • 1722 Posts
  • 50 Topics
  • 65 Solutions
Registered:

Given that account passwords  for contracts are typically something like mother's maiden name then with a bit of investigation or social engineering they can be guessed.

 

That doesn't excuse O2 for allowing the PI to reset the PIN on the voicemail of course but similar to the hacking of Mat Honan's iTunes, Amazon, and Twitter accounts, if procedures aren't in place or followed correctly anyone is vulnerable. 

 

I use Keepass personally across all my devices for password storage.

iPhone 14 Pro (O2 ), S23U (EE), iPad Pro LTE (EE), .

Reviews: iPhone-X-first-impressions ¦ Blackberry Classic ¦ Blackberry Z30 ¦ Nokia Lumia 1020 ¦ Samsung S4 Mini Part 1 ¦ Samsung S4 Mini Pt. 2
Message 2 of 15
3,144 Views

Anonymous
Not applicable

You would hope that O2 would send out via text a random PIN to the phone number on the account to prove that the person ringing up actually had the phone & was the account holder.

 

I'd rather O2 introduce this practice accross the board for ANY dealing's with account enquires, change of address, upgrade's, voicemail pin reset etc.

 

 

Message 3 of 15
3,130 Views

Anonymous
Not applicable
I agree with the above post 100% I also think O2 should be taken to court for allowing this to happen. The pain and suffering that was caused by this and similar hacks is unforgivable.
Message 4 of 15
3,088 Views

perksie
Level 69: Guiding Light
  • 27019 Posts
  • 247 Topics
  • 1614 Solutions
Registered:

Taken to court? For what exactly?

 

Sending out a pin is ok provided the phone it's being sent to hasn't been stolen and the request made by the thief!

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1
Message 5 of 15
3,083 Views

Anonymous
Not applicable
Lol Taken to court for allowing the voicemail in the first post to be hacked and no doubt many others. Also similar things like the hack that happened to me
Message 6 of 15
3,077 Views

perksie
Level 69: Guiding Light
  • 27019 Posts
  • 247 Topics
  • 1614 Solutions
Registered:

Not going to happen as they have done nothing wrong, you don't nick the shopkeeper when his shop is broken into.

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1
Message 7 of 15
3,062 Views

Anonymous
Not applicable
I agree a shop keeper isn't at fault when broken into, unless his security wasn't sufficient. For instance if he forgot to lock the shop on the way home his insurance company wouldn't pay out.

Any organisation holding our personal data has a huge responsibility to protect it as set out by the Data Protection Act 1998 more information on this can be found at http://www.legislation.gov.uk/ukpga/1998/29/contents.

Many organisations have fallen foul of this act at one time or another, more on this at http://www.ico.org.uk/ the protection of our personal data is extremely important and company's not complying with this should be brought to account more often in my opinion.
Message 8 of 15
3,053 Views

perksie
Level 69: Guiding Light
  • 27019 Posts
  • 247 Topics
  • 1614 Solutions
Registered:

@Anonymous wrote:
the protection of our personal data is extremely important and company's not complying with this should be brought to account more often in my opinion.

If you think the security isn't up to the job, then make a complaint to the ICO and let us know what they have to say on the matter.

 

The number of security breaches reported here are tiny and no worse than any other major UK company, when you consider they hold the account details for 23 million customers, so it would appear they have it fairly well organised.

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1
Message 9 of 15
3,044 Views

MI5
Level 94: Supreme
  • 151684 Posts
  • 649 Topics
  • 28840 Solutions
Registered:
Obviously we here about it here when it goes wrong but we don't get all that many reports and they have diminished somewhat lately..... I do wonder how many attempted attacks CS defend each day though...?
I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.
Message 10 of 15
3,036 Views