O2 could be about to face a serious customer backlash, after it was revealed today that the network was revealing users mobile phone numbers to websites they visit on their handsets.
Twitter user @lewispeckover spotted the problem, and put together this simple website that illustrates the issue.
The site shows the x-up-calling-line-id header, a script which requests the user’s phone number, has been given by O2 free reign to harvest user details when visiting the page on a mobile phone. Any website could request the same information, meaning O2 may have a serious problem when it comes to their privacy and data protection methods.
With both Tesco Mobile and GiffGaff using O2’s infrastructure, it’s likely that their users are affected by the problem too.
O2 are said to be investigating the matter as a “top priority”. And considering the potential phishing scams that could be run with this, so they should be.
We’ll pass on any new findings as the story develops.