O2 Privacy Flaw Sends Users' Mobile Numbers to Visited Websites
As noted by think broadband, a privacy flaw in the way UK carrier O2 handles web traffic on mobile devices has resulted in users' mobile numbers being sent to any website visited from the device as part of the headers in the HTTP requests. While O2 is apparently still investigating the situation, it appears to have the potential for significant privacy-related issues.
If you're reading this news article using your O2 mobile phone, you'll be pleased to know that O2 have already sent us your mobile phone number within the HTTP headers which normally contain information about how content can be displayed on your device. These headers are not normally seen by users, and usually not logged by most websites, but the flaw allows malicious sites to get more personal information about you than you may be willing to share.
For example, if you open an e-mail which includes references to external images, the mere action of opening the e-mail would divulge your phone number. This could be used by anyone undertaking a phishing attack or other scam to get more information from you. The opportunity to abuse this is potentially endless.
The issue was discovered by Twitter user @lewispeckover, who then set up a website to allow users to see what headers are being sent as part of their HTTP requests to websites.
He now notes that the headers coming from his device appear to have stopped showing his mobile phone number, although O2 has yet to issue an official statement on the matter. The company's Twitter account is continuing to blast out responses to concerned users, noting only that the company is looking into the situation and will issue an update when it knows more.
The issue is not exclusive to the iPhone and has the potential to affect all mobile data on the second-largest carrier in the UK, although some users have reported that they are not seeing their mobile numbers appearing in their HTTP request headers. The issue has the potential to for a significant impact on UK iPhone users, as O2 has proven to be a popular choice for iPhone users dating back to its status as the exclusive iPhone carrier in the UK when the device originally launched back in 2007.
Those familiar with the UK's privacy laws have indicated that mobile phone numbers are not considered protected information, but the disclosure of such numbers as part of standard HTTP requests does have the potential to carry implications for users.
Popular Stories
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices.
iPhone 17 Pro's alleged design via Front Page Tech
Below, we recap key changes rumored for the iPhone 17 Pro models as of March 2025:
Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone...
Apple has a staggering marketing claim for the new MacBook Air with the M4 chip.
Specifically, Apple says the new MacBook Air is up to 23x faster than the last Intel-based model. However, there are some details in the fine print to be aware of.
First, Apple said it compared a new 2025 MacBook Air with a 10-core M4 chip and 32GB of RAM to a 2020 MacBook Air with a quad-core Intel Core i7...
The upcoming iOS 18.4 update for the iPhone includes two smaller but meaningful improvements for Apple's in-car iPhone mirroring system CarPlay.
First, CarPlay now shows a third row of icons, up from two rows previously. However, this change is only visible in vehicles with a larger center display. For example, a MacRumors Forums member noticed the change in a Toyota Tundra with a 14-inch...
Apple is delaying some of the Apple Intelligence Siri features that it expected to release in iOS 18, an Apple spokesperson said in a statement to Daring Fireball.
Apple says that it is going to take longer than expected to roll out the more personalized Siri experience, and that these features will be rolled out "in the coming year.""Siri helps our users find what they need and get things...
It's been a busy week for Apple, with new products announced on Tuesday and Wednesday. We're now caught up on what's been rumored for a spring launch, so we thought we'd recap everything Apple came out with this week.
Subscribe to the MacRumors YouTube channel for more videos.
iPad Air
Apple updated the iPad Air on Tuesday, updating it with the new M3 chip. The iPad Air still comes in...
Apple's all-new ultra-thin iPhone 17 Air shares the same dimensions as the iPhone 17 Pro Max, with the only difference being in the thickness of the devices, according to the leaker Ice Universe.
Posting to their Weibo account, the Chinese leaker today claimed that the iPhone 17 Air and iPhone 17 Pro Max have identical body length, width, screen size, and bezels. "The only difference is the...
The new MacBook Air has a useful upgrade: it natively supports up to two external displays, in addition to the laptop's built-in display.
In other words, the latest MacBook Air can be used with a pair of external displays without needing to keep the laptop's lid closed.
Apple's tech specs for the new 13-inch and 15-inch MacBook Air:Simultaneously supports full native resolution on the...
Apple's first foldable iPhone should arrive around the end of 2026 or early 2027 with a book-style design and a premium price tag of over $2,000, according to analyst Ming-Chi Kuo. In a report today, Kuo outlines his expectations for the device, noting that it will have an approximately 7.8-inch "crease-free" inner display and a 5.5-inch outer display, matching a rumor from last month.
Kuo...
Apple has increased the thickness of the upcoming iPhone 17 Pro Max compared to the current generation iPhone 16 Pro Max, claims the Chinese leaker known as Ice Universe.
Apple is said to have increased the depth of the iPhone 17 Pro Max to 8.725mm, up from 8.25mm on the iPhone 16 Pro Max, which would be a 0.475mm difference in thickness. The increase "surely means a larger battery,"...
