Before we bring you any details about this rather
serious security failure someone just discovered (and we've verified) concerning Sprint's online Picture
Mail service, we'd like to implore everyone reading this to maintain a sense of civility and not to immediately go
breaking into every account they can think of. That being said, we've been tipped by numerous people to a Howard Forums
thread that claims entering any Sprint phone number into the Picture Mail login page on PC and mobile browsers and
clicking OK will gain you access to the account -- no password necessary. Not only are Sprint customers' pictures and
videos completely unprotected, the bug also allows anyone to view the email address associated with the given phone
number (even if he/she doesn't upload photos) -- thereby assembling your digits, your name, and pictures of yourself
and your family into one handy, stalker-friendly package. We hope that publishing this major flaw will allow our
readers to take down any pics they may want to remain private,
and more importantly, that it will cause Sprint to fix this problem ASAP.
Update: Mark Z. informed us that the Picture Mail login option has been replaced with a generic maintenance page. We'll save you the specifics, because the real message is written between the lines: "Please excuse our appearance while our PR team finishes with damage control."
[Thanks to everyone who sent this in]