Customers using devices from four major cell phone carriers could unknowingly be exposing sensitive data to hackers, according to the Department of Homeland Security (DHS). Fifth Domain reports that DHS-funded researchers from mobile security firm Kryptowire have found vulnerabilities in phones used by Verizon, AT&T, T-Mobile and Sprint. The flaws are built into phones by manufacturers, and include a loophole that could exploit data, emails and text messages.

DHS hasn't specified which manufacturers are involved, but a source has revealed that "millions" of US customers are at risk. DHS program manager Vincent Sritapan told Fifth Domain that the vulnerability could "escalate privileges and take over the device" without the device owner's knowledge, and said that it would be difficult to tell whether the flaw has been exploited.

More at: