Lebara website made phone numbers stealing other customers possible

That way you could target someone. You would then have to find out someone’s password through another method. If that succeeds, you could, for example, log into someone’s email account or steal bitcoin, for example.


The problem, which has now been solved, was discovered by the informant who contacted the NOS. He found that he can skip a verification step when porting a Lebara number.

The NOS then succeeded three times to transfer a telephone number that was already in the possession of the NOS to a new SIM card.

To transfer a SIM card, you need two SIM cards: the old one with the number to be transferred and a new one with a temporary number. You actually have to confirm that you have them for both SIM cards by typing a code that is sent by SMS. This should prevent you from taking over someone else’s telephone number.

But it also turned out to be possible to perform the verification twice on the new SIM card, and not once on the SIM card to be taken over. The number was then transferred without any problems, Lebara confirms. “That is of course very annoying.”

The provider immediately took the switch module off the air after reporting by the NOS and then solved the problem. “It’s a wake-up call,” said the spokesperson. “It shouldn’t be able to happen again.”

Share on facebook
Share on pinterest
Share on twitter
Share on linkedin
Share on email


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.