UK Carrier O2 Reportedly Sending Phone Number to Every Website You Visit [Updated]

The Next Web has just reported that UK Operator O2 is sending user's phone numbers in the header information when you visit a website over O2's 3G network.

TNW reports:

The issue was brought to our attention to Lewis Peckover, who created a simple webpage to check the information that a mobile browser would send to a website when it requested data.

Whilst most of the data was to be expected, including the Host, User Agent, Referrer and Encoding, there was also another field in the results — x-up-calling-line-id.

What is x-up-calling-line-id? Your mobile phone number.

TNW also tested this out on their iPhone on O2's network and they received the following results, which included the phone number.

TNW reports that O2 hasn't responded to them though they're telling users on Twitter that they're actively looking into the problem.

We’re investigating this with our internal teams, and will come back with more as soon as we can

TNW reports carried out the test on other mobile networks and confirms that Orange, T-Mobile, Three and Vodafone do not send the mobile number to websites in header information.

O2 is one of Apple's iPhone partner in the UK and was the first operator in the UK to offer Apple's iPhone.

If you're on O2's network then we would strongly recommend you to visit only trusted websites until the issue is resolved.

Update:

O2 has just tweeted that they're looking into the issue on top priority:

@JerryWSL @iphonehackx it's our top priority - we're investigating this at the moment. Once we've got an update, we'll let you know.

[source The Next Web]