Did T-Mobile Austria Really Just Admit It Stores Customer Passwords in Plaintext?

give that password theft from major tech companies like Yahoo has become routine , most bombastic firm now stack away their users ’ passwords in an encrypted data format . restrain a lean of users ’ passwords in plaintext creates a vast risk — steal that word database can give a hack admission to trillion of accounts . And if a party ’s users reuse their password on other websites , the breach can put a customer ’s entire online identity element at jeopardy .

That ’s why T - Mobile Austria ’s apparent admission this workweek that it stash away at least parts of customers ’ word in plaintext is potentially a stupendous fuckup .

sooner this week , a customer service representative using T - Mobile ’s Austria Twitter account indite that reps for the company can see the first four characters of a customer ’s password .

Argentina’s President Javier Milei (left) and Robert F. Kennedy Jr., holding a chainsaw in a photo posted to Kennedy’s X account on May 27. 2025.

“ The client service agents see the first four characters of your password . We salt away the whole password , because you demand it for the login , ” the rep wrote .

https://twitter.com/embed/status/981418339653300224

AsMotherboardreported , those four fibre could be used to guess or brute - force a password .

William Duplessie

But when customers pointed this out , T - Mobile answer that its surety was too good for hacker to infract . “ I really do not get why this is a job . You have so many passwords for evey [ sic ] app , for every mail - account and so on . We secure all data very carefully , so there is not a thing to fear , ” a rep wrote .

https://twitter.com/embed/status/981785213549383680

“ T - Mobile US customer concern representative can not see passwords , and we do not store watchword in plain text , ” a T - Mobile US spokesperson said . Gizmodo reached out to T - Mobile for more data about how its Austria stage business stores and secures customer watchword , and will update if we hear back .

Starship Test 9

Update 7:00 p.m. : A spokesperson for T - Mobile Austria said , “ Customer service agents see only parts of client ’ passwords which are safely stored in encrypted databases . We are also using one - clock time - PIN for customer authentication and are evaluating voice biometry for a ripe user experience . ”

PasswordsT - Mobile

Get the best technical school , science , and cultivation news in your inbox daily .

News from the future , delivered to your present .