April 4, 2025 By Pieter Arntz
Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to view the recent incoming call log for potentially any Verizon phone number.
“In short, anyone could lookup data for anyone,” Connelly said.
A vulnerability in the Verizon Call Filter iOS app allowed anyone to request the call logs of millions of US Verizon customers. The Verizon Call Filter app for iOS allows customers to view a log of their recent calls. This log will show them the phone numbers and an associated timestamp.
To request such a log the app sends a request to a server to fetch the data belonging to the phone number in question. The network request to the server contains various details such as your phone number and the requested time period for call records. The server then responds with a list of calls and timestamps.