T-Mobile hack affecting 50 million customers

In yet another consequential cyberattack, T-Mobile, one of the largest telecommunication companies in the United States, is the latest victim. 

Last month it was revealed that John Binns, a 21-year-old US Citizen who now resides in Turkey, successfully gained access to the sensitive data of over 50 million T-Mobile customers. He listed the database for sale on an underground hacking forum with an asking price of six bitcoin (approximately $280,000 USD).

Information such as names, addresses, social security numbers, and driver's licenses was accessed in the attack. T-Mobile stated that financial and payment information was not compromised.

  • Published: 01-02-2022

  • Related Category: Network Security

  • Type of Content: Articles

  • Owner: TrustedSite

Binns claims he gained access to T-Mobile's network via an insecure router in July. He had been searching for weaknesses in their attack surface and was able to gain access to over 100 servers, including production, staging, and development servers, at a data center in the state of Washington.

He then used brute force attacks and other methods to make his way into other IT servers including an Oracle database server that contained customer information. Within a week he had compiled millions of records. T-Mobile has since remediated the compromised servers.

In the aftermath of the breach, T-Mobile faces a host of unanticipated challenges that will impact their business roadmap moving forward. First on their priority list is ensuring that the affected customers stay protected by supplying them with services like McAfee’s ID Theft Protection. TMobile also stated that they will aim to enhance their approach to cybersecurity, which will involve substantial investments in security partners and solutions. While these are important first steps, T-Mobile has a long road ahead to regain customer trust and repair reputation damage.

>> Download Article to continue reading.

Related Articles: