We have new information on the T-Mobile data breach that compromised the personal information of millions of customers just a couple weeks ago.
The data breach resulted in the personal information of approximately 54 million customers being accessed by the hacker. The personal data includes name, address, date of birth, driver license information, and Social Security numbers.
The company claims to know who was behind the attack and how they were able to illegally gain access to servers.
T-Mobile data breach details
Mike Sievert, CEO of T-Mobile, posted a blog to provide an update on the situation following the cyberattack. He says the attacker accessed the testing environment first:
"What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.
In short, this individual's intent was to break in and steal data, and they succeeded."
Hacker takes credit for T-Mobile attack
The Wall Street Journal reports that John Binns, a 21-year-old U.S. resident who has been living in Turkey, took credit for the T-Mobile data breach.
"The hacker who is taking responsibility for breaking into T-Mobile US Inc.'s systems said the wireless company's lax security eased his path into a cache of records with personal details on more than 50 million people and counting."
To prove his claim, Binns sent messages to the WSJ discussing details of the attacks before it became public information.
The WSJ says he managed to infiltrate T-Mobile's systems after identifying an internet-exposed router with a security vulnerability. He discovered the router using a publicly-available tool. Some security researchers believe this tool could be Shodan or something similar.
And now we know, based on the CEO's statement, that access got him into T-Mobile's testing environment at the start.
History of T-Mobile data breaches
CEO Sievert acknowledged that there is still more work to be done and that T-Mobile promises to take steps to further ensure its cybersecurity—including new contracts with Mandiant and KPMG.
However, this cyber incident is not the first T-Mobile has had to deal with. In fact, this is the fifth data breach for the company in only three years.
In 2018, a hacker was able to gain access to the personal information of two million customers. In 2019, T-Mobile "discovered and shutdown" unauthorized access to data of its customers. In 2020, hackers gained access to information of employees and customers, including employee emails. And the most recent one occurred in January 2021, when hackers accessed phone number information of roughly 200,000 customers.
With many recent incidents like these, do you believe T-Mobile when it says it is "fully committed to take our security efforts to the next level"?
[RESOURCE: SecureWorld conferences to get the latest on cybersecurity best practices and hear valuable perspectives from industry leaders.]