A security flaw in Apple’s online store exposed the account PINs of more than 72 million T-Mobile customers, according to BuzzFeed News.
![](/wp-content/uploads/archive/CC90940E-D8EC-4747-8A20-4C3BA7055657.jpg)
![](/wp-content/uploads/archive/CC90940E-D8EC-4747-8A20-4C3BA7055657.jpg)
Security researchers Phobia and Nicholas “Convict” Ceraolo discovered the problem. They also found a similar flaw in the website for phone insurance company Asurion that exposed AT&T account PINs.
Apple’s verification process while checking out allowed for infinite attempts at the account PIN, allowing hackers to continuously attempt gaining access to your account if you’re on the T-Mobile network. The problem may have been due an engineering mistake made when linking a T-Mobile application programming interface to Apple’s website, Ceraolo said.