Hacking into mobile phone voicemail systems

Filed Under: Data loss, Law & order, Mobile, Privacy

Voicemail
The big story in the British press today revolves around accusations that newspapers have been repeatedly hacking into the mobile phones of public figures in their hunt for stories.

The Guardian newspaper claims that Rupert Murdoch's news empire has paid out more than a £1 million to settle law suits that threatened to reveal evidence of dodgy dealings by journalists.

The allegation is that journalists working for papers such as the News of the World have employed private investigators to hack into the voicemail systems of the rich and famous. Actress Gwyneth Paltrow, former deputy Prime Minister John Prescott, London Mayor Boris Johnson, pop star George Michael, and smouldering celebrity chef and domestic goddess Nigella Lawson, are just a handful of the well-known names said to have been targeted.

How did they do this? Well, my guess is that the intended victim's mobile phone company is contacted, and the PIN which protects their voicemail is reset back to default (Some users may not have changed their passwords in the first place, making it potentially easier for hackers to gain access).

This wouldn't be the only way, of course. You could also bribe someone who works at the cellphone company (maybe in the call centre) to share information with you from their databases. But my guess is that they got in by resetting the person in the public eye's voicemail PIN code.

Once you have the voicemail PIN of your target, you call their mobile phone and enter their voicemail system by entering the PIN. Once you're in, you can trawl through their voicemail messages hoping to fish something plump and juicy out - which can then be turned into a tabloid news story.

The story that journalists have been breaking into mobile phone voicemail systems isn't actually news - or shouldn't be. In 2007, Clive Goodman, the News of the World's royal editor and private investigator Glenn Mulcaire, were jailed after they were found guilty of accessing voicemail systems connected to (amongst others) the Prince of Wales's household, publicist Max Clifford, and supermodel Elle Macpherson.

What is news is that it now appears that the phone hacking was much more widespread than previously thought, and involved more journalists. It wasn't just celebrities and royalty who were on the hackers' hitlists, but also senior government ministers.

The Metropolitan police is now said to be investigating the phone-hacking claims.

There will undoubtedly be calls for a higher standard of ethics amongst journalists, but maybe this is also time for the mobile phone operators to take a look at their own systems - and ask themselves if they are doing enough to prevent these kind of security breaches happening again in future.

Find out how phone hacking works, and how to better protect your voicemail.

, , ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.