Cellcom login information revealed – Part II

Today I’ve received a phone call from Cellcom regarding my previous post. On the other side of the line was a customer relations representative. I’ve tried to explain to her that saving a password in plain-text is not legitimate, and that showing it to everyone with access to my phone is even less legitimate.

The representative tried to persuade me that the israeli ministry of communications made them show the login information. I told her that I don’t buy it and that it is violating the first rule of security. She told me that she will send my post to the team that handles the website, so I asked her to keep me notified and that the team will contact me, but she refused.

I don’t believe that they will change it anytime soon (Maybe if a Saudian hacker will find a way to exploit it and publish all the information in their database…)

I recommend that the password you use for Cellcom’s website won’t be the same password you use for your email etc, because anyone with access to their database can access it as well as anyone with access to your phone.

This site is hosted by:

One Response to “Cellcom login information revealed – Part II”

Leave a Reply