CBSN

How Vulnerable Is Cell Phone Data?

Paris Hilton, the globetrotting hotel heiress whose sex tape with an ex-boyfriend flew around cyberspace, has been exposed online in a different way.

Authorities believe somebody hacked into her personal cell phone or the server of her cell phone service provider, stole the phone numbers of her friends, then posted them on the Internet.

And since then, the phones of some of her biggest celebrity friends have been ringing off the hook.

Those big-name stars include Eminem, Christina Aguilera, her own sister. Nicky, and even tennis star Andy Roddick.

Not only that -- racy photos and personal text messages also made their way onto the Web.

Ironically, the device (a "T-Mobile sidekick") is the same product she's been endorsing in commercials.

Investigators suspect the hacker involved bypassed T-Mobile's online security system.

The company says it's investigating, but ordinary cell phone users are concerned.

"I just think it's completely unfortunate that we can't leave our cell phones on anymore," says student John Lind. "The lack of security -- you shouldn't even have to worry about it."

The security breach will likely force many to think twice before giving out their cell phnone numbers.

How concerned should you be?

Vincent Weafer, senior director of security for Symantec, a company that specializes in providing security for a broad range of telecommunications products, says this particular case is thought to have been "a very traditional hacking attack. They went after the Web servers controlled and managed by the cell phone company themselves, not her device, and once they got her personal information, they were able to get hold of photographs and confidential information, everything that was basically stored on her account online."

Asked The Early Show co-anchor Julie Chen: How can we protect ourselves from such an attack?

Says Weafer, "The most important thing is, for traditional phones, where all you're doing is dialing and receiving calls, there's very little danger of hackers or someone writing a virus to get on that system.

"However, many of us starting to use these 'smart phones,' with e-mail, instant messaging, and in some cases, even browsing the Internet directly, and in those cases, we're starting to see things like computer viruses and Trojans, starting to appear on some of these devices."

So does using a smart phone mean we're exposing ourselves to possible hacking?

"We've already seen examples of some viruses that directly target some of these phones. One case, first reported last week in the U.S., comes over (a wireless technology called) Bluetooth and tries to infect your phone.

"So, I think, as a general warning for people, as we're starting to use more data communications on our cell phones, we need proection: antivirus, personal fire wall features are made available for some of these phones, and you should think about using some of the security already on the phones such as PIN numbers, as you'd find on an ATM machine.

"In most cases, you can talk to the cell phone provider (to get such proection), or you can get it directly from people like Symantec and other vendors who will sell this directly to you. In general, you're looking at a cheap cost."

Chen jnotes that T-Mobile, Hilton's provider, suggests using complex passwords, protecting your device, monitoring your account activity and notifying your carrier of anything suspicious.

Weafer agrees, and goes further: "One of the most common mistakes we find is a lot of people keep their personal information such as PIN numbers, ATM numbers and computer passwords on their cell phones, because they find it convenient to carry around with them. If a cell phone is not protected, it can compromise everything. So the advice given (by T-Mobile) is very good. You should always be monitoring your accounts to make sure there's no unusual activity. You also definitely want to use at least the PIN numbers that come with the cell phones themselves."