Link: CNN.com - A convicted hacker debunks some myths - Oct 7, 2005.
Kevin Mitnick is talking about his life after prison, his business and of course about hacking. He also explains how Paris Hiltons phone was accessed.
MITNICK: Well, how about Paris Hilton? She was attacked on her cell phone, and she was attacked two ways. One was because of a T-Mobile's Web site, and the other guy was able to compromise it by getting her phone number by going on T-Mobile's Web site, doing a password reset, which SMS-ed her new password because, presumably, only the owner would have the handset.
And then what they did was, they did a technique called caller ID spoofing, which allows a person to change the number they're calling from on their calling phone number display. So, they were posing as T-Mobile customer service, and they called her phone, and on the caller ID it showed as T-Mobile customer service, and then they told her, "There are some network difficulties. Have you been getting any SMS [messages] about a password reset, and what were the contents of the message?" and she freely gave it out, and that's how these guys were able to get to her T-Mobile Sidekick, and her e-mail, and whatnot.