Had to share this for the lulz (Patreon)

T-Mobile Austria apparently stores their user's passwords in Plain text, which came to light after a customer service rep said that reps could only see the first 4 characters of anyone's password.

This means they aren't hashing and salting passwords like they should.

This is a horrid example of what -not- to do in customer service, let alone security: https://twitter.com/tmobileat/status/981785213549383680

And, well, when you say your company has "amazing security", infosec pros are bound to start hunting to prove you wrong: https://twitter.com/hanno/status/982530560512978946