EE Flunks Site Security Which? Hunt

By Gary Cutlack on at

Mobile network EE has come out bottom of a web security league table put together by consumer group Which?, with the 4G specialist said to be failing when it comes to protecting users of its own site.

Which? compared all of our mobile networks' internet presences, testing the "front-facing and logged in areas of mobile providers’ websites" and checking their login reminder protocols, security setting password strength requirements and more, putting together a table of apparent web site strength.

The watchdog is quite brutal in its assessment of EE's web site, saying: "EE scored bottom for the crucial measures of web security and login detail reminders and answers to its pre-set security questions could potentially be easy for a hacker to source via details you might share on social media. If you value your personal information, think carefully before signing up to a contract with EE."

The network says it "adheres to all industry accepted protocols" though, and thinks the survey's rules may not actually adhere to current best practise.

Three also came in for some stick, with Which? saying it's a flaw to use a customer's mobile number as a login, adding: "Three’s customers face a heightened risk of being hacked. Answers to its two pre-set security questions could also be sourced too easily via social media." [Which?]