
T-Mobile plaintext password data breach thought to be imminent - shut_up_patrice
https://www.reddit.com/r/sysadmin/comments/8aem4n/tmobile_plaintext_password_data_breach_thought_to/
======
samb1729
Great job by T-Mobile allowing a social media rep to make claims about their
security. No doubt they'll be grateful for the free pen-testing that followed.

Just now I see tweets on my feed in which people claim to have found XSS
vulnerabilities[0], so I don't doubt they're doing security wrong. How big is
their GDPR fine going to be I wonder?

[0]:
[https://twitter.com/fabricio_giglio/status/98236273592413798...](https://twitter.com/fabricio_giglio/status/982362735924137984)

