This Time, Citizens Collect Feds’ Communications Metadata

As recently as August 2013, a Verizon glitch exposed government officials' text message histories in a way that would have allowed anyone to discern their inner circles, according to security researchers.

The vulnerability was fixed after a non-government customer pointed out the danger to the company this summer. Attackers could simply type their target's phone number into a URL to see a spreadsheet of text message contacts, timestamps and dates, according to researchers. The content of the messages was not visible. "This was a very basic Web application security flaw that was trivial to exploit. All you need is a browser, no special hacking tool," said Johannes Ullrich, dean of research for the SANS Technology Institute. Verizon Communications, the largest telecommunications supplier to the federal government, said no government users, or any other users, were affected by the bug. "No customer information was impacted," company spokesman Kevin Irland said. "Verizon takes customer privacy seriously. As soon as this was brought to the attention of our security teams, we addressed it."