A 21-year-old US citizen named John Binns has claimed responsibility for the T-Mobile data breach and labeled the carrier’s “security is awful.”
Earlier this month, T-Mobile suffered a data breach in which a hacker claimed to steal the personal data of 100 million customers. Although the company acknowledged the breach yet claimed that the incident affected 40 million customers.
Now, T-Mobile has revealed additional information on how the hacker successfully targeted the telecom giant and stole data that was supposed to be guarded by top-notch security practices.
The CEO of T-Mobile Mike Sievert apologized to the customers for the data breach and reassured them that the carrier is taking steps to make their servers secure to avoid such attacks in the future.
“Keeping our customers’ data safe is a responsibility we take incredibly seriously and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successfulKnowing that we failed to prevent this exposure is one of the hardest parts of this event. On behalf of everyone at Team Magenta, I want to say we are truly sorry,” Sievert wrote in a blog post.
It is worth noting that initially, the treasure trove of T-Mobile customers’ data was available for purchase for 6Bitcoin, however as reported by Hackread.com, the data was sold only for $200 and included:
- Birth dates
- Driver’s license numbers
- Full names
- Phone numbers
- Physical addresses
- Security PINs
- Social security numbers
- Unique IMSI
- IMEI numbers
- Social Security Numbers.
The only sigh of relief for customers is that their financial information was not included in the breach. However, details of all former, current, prospective, as well as business customers were present in the stolen data.
To address these concerns T-Mobile has hired Mandiant, a company that provides cybersecurity under FireEye. The company claims to have identified the flaw and working to fix it. They further claim that “a bad actor” gained illegal entry into their servers.
“What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data. In short, this individual’s intent was to break in and steal data, and they succeeded,” added Sievert.
On the other hand, Wall Street Journal has reported that a 21-year-old US citizen named John Binns claimed responsibility for the attack and labeled the carrier’s “security is awful.” Binns claims that the attack was a way for him to gain attention.
WSJ further reports that Binns used an unprotected router to look for weak spots using a publicly available tool. Binns then used these weak spots to gain access to the data center, gaining access to hundreds of servers with the use of stored credentials. However, it is unclear if Binns acted alone or not.
T-Mobile has the second-largest customer base of more than a hundred million (104.79 million) in the US. That is why increased security is crucial to their systems. T-Mobile has claimed to have notified “just about every current T-Mobile customer” whose data has been stolen. They have also created a webpage to provide details on this matter.
🚨 #ShinyHunters, the infamous hacker behind some of the top #databreaches is now selling 70 million customer records allegedly belonging to @ATT. | @WAK4S https://t.co/hcjYLUsyHO#Security #databreach #hacking #infosec
— Hackread.com (@HackRead) August 20, 2021
T-Mobile and data breaches
If you are a T-Mobile customer you must be aware that the telecom giant has a history of data breaches. In fact, from 2015 to 2021, T-Mobile has been involved in at least five (1, 2, 3, 4, 5) reported data breaches.