linuzifer

CCC researchers had live access to 2nd factor SMS of more than 200 affected companies - served conveniently by IdentifyMobile who logged this sensitive data online without access control.
You had one job.

https://www.ccc.de/en/updates/2024/2fa-sms

CCC | Second Factor SMS: Worse Than Its Reputation

Jul 11, 2024 at 5:58amWeb
Show threadHmarkJul 11, 2024
@linuzifer @Martin Seeger am I wrong but this story sounds not really new to me and doesn't surprise or shock as it should? Because this type of problem is somewhat at least five years or more old? There were some findings about the SS7 protocols especially when UTMS was rather new?
Show threadMartin SeegerJul 11, 2024
@hmark That the content of SMS is being stored for years by a subcontracted 3rd party with SMS being used for authentication is worse news than normal.
Show threadlinuziferJul 11, 2024
@hmark I have a very strong feeling that you did not read the article completely.