Phones sold by the four major US carriers could have a major security flaw

Verizon, AT&T, T-Mobile and Sprint might have a big problem.

Sponsored Links


Customers using devices from four major cell phone carriers could unknowingly be exposing sensitive data to hackers, according to the Department of Homeland Security (DHS). Fifth Domain reports that DHS-funded researchers from mobile security firm Kryptowire have found vulnerabilities in phones used by Verizon, AT&T, T-Mobile and Sprint. The flaws are built into phones by manufacturers, and include a loophole that could exploit data, emails and text messages.

DHS hasn't specified which manufacturers are involved, but a source has revealed that "millions" of US customers are at risk. DHS program manager Vincent Sritapan told Fifth Domain that the vulnerability could "escalate privileges and take over the device" without the device owner's knowledge, and said that it would be difficult to tell whether the flaw has been exploited.

The manufacturers involved were allegedly alerted to the issue as early as February, when the flaw came to light following Kryptowire's research into the Blu phone company. The team is expected to release more details later this week, but if the issue is as pervasive as initial reports suggest, US cell phone carriers have a major problem on their hands. Engadget has reached out to Verizon, AT&T, T-Mobile and Sprint for comment.

Verizon was Engadget's parent company between June 2015 and September 2021.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget