A security researcher discovered a critical privacy vulnerability on Verizon Wireless’s Web-based customer portal that allows anyone to download user’s SMS History and Numbers of other users he communicated with. Verizon has created a dedicated email contact, CorporateSecurity@verizonwireless.com, to field these security issues. Back in August, researcher’found that a simple URL exploit could allow any subscriber to extract data using ‘function. Download to SpreadSheet’ function. An attacker only needs to modify the subscriber’s phone number in the URL and this would give an attacker access to the SMS history.
Source: https://thehackernews.com/2013/10/critical-but-simple-vulnerability-in.html