Apple and T-Mobile continued a security flaw that allowed strangers to access iMessages, FaceTime calls
Apple and T-Mobile face class action lawsuit over iPhone security flaw that allowed strangers to access private iMessages and FaceTime calls
- The class action lawsuit against Apple and T-Mobile was filed in New York on Monday
- It claims that the companies compromised consumer privacy by not revealing a security flaw that allowed strangers to access iMessages and FaceTime calls
- The error allowed an Apple ID to remain associated with a T-Mobile SIM card even after the iPhone owner stopped using the SIM card and changed the phone numbers
- As a result, the previous owner was able to receive messages intended for a new owner who was assigned the phone number after it was recycled by T-Mobile
- The lawsuit accuses Apple of misleading customers by promoting its privacy features, despite the fact that the error remains in effect for at least seven years
- It claims that T-Mobile exacerbated the problem with its practice of recycling numbers
Apple and T-Mobile are being sued for a long-term security flaw that allowed strangers to access private iMessages and FaceTime calls.
A class action lawsuit filed by U.S. Plaintiffs Tigran Ohanian and Regge Lopez on Monday in the U.S. District Court for the Southern District of New York accused the defendant companies of compromising consumer privacy by not reporting the error.
The case revolves around an issue first discovered in 2011 that caused an Apple ID – the account required to use Apple products – to remain linked to a T-Mobile SIM card even after the iPhone owner had stopped using SIM card and changed phone numbers.
As a result of the “legacy connection”, the previous owner was able to receive iMessages and FaceTime calls that were intended for a new owner to whom the phone number was assigned after it was recycled by T-Mobile.
Apple and T-Mobile face class action lawsuit over long-term security flaw that allowed strangers to access private iMessages and FaceTime calls (file photo)
The suit says neither Apple nor T-Mobile tried to avoid the problem by requiring customers to manually disconnect their Apple ID from their old phone number before switching SIM cards.
“Apple knowingly allowed multiple unrelated Apple IDs from consumers who had purchased iPhones to co-exist and be associated with the same phone number,” the complaint said, while T-Mobile exacerbated the problem by engaging in misleading SIM card practices. ‘
It is alleged that both Apple and T-Mobile have caused customers to “become unsuspecting victims of extensive security breaches.”
While the error first came to light in 2011, the suit claims it “still has consequences for customers.”
The error allowed an Apple ID to remain associated with a T-Mobile SIM card (in a file photo above) even after the iPhone owner stopped using the SIM card and changed the phone numbers
Ohanian and Lopez filed the class action procedure individually and “on behalf of all other persons who are in the same way.”
The complaint describes how Ohanian received “large amounts” of unwanted messages addressed to Lopez after Ohanian gave up the number and recycled it to Lopez.
It also refers to 2011 and 2012 news articles about how other people were affected by the error.
It’s unclear how widespread the problem was before Apple addressed it in 2018 by requiring multi-factor authentication under the iOS 12 operating system update.
Apple Insider, who was the first to report the lawsuit, noted that both iPhone users had to associate the same number with their respective Apple ID accounts to cause the error.
The lawsuit seeks unspecified legal and punitive damages for the named plaintiffs and other involved parties.
Apple and T-Mobile did not immediately return requests for comment from DailyMail.com or other newscasts.
Read the full lawsuit below: