T-Mobile's Hacker Brute-forced His Way Through Company's Network

Mike Sievert, the CEO of T-Mobile, said that the hacker who breached the company’s network gained access by first compromising its testing environments and then using brute-force attacks.

Although the attacker could not steal customer financial information, such as credit card, debit card, or other payment information, the data breach was huge.

According to T-Mobile, the hacker gained access to the company’s database that contained the personal information of 54.6 million current and former customers. The data accessed included Social Security numbers, phone numbers, names, addresses, dates of birth, T-Mobile prepaid PINs, and driver license/ID information.

Sievert said in a statement published earlier that there’s “no ongoing risk to customer data.” He added: “While we are actively coordinating with law enforcement on a criminal investigation, we are unable to disclose too many details.”

“What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.”

Sievert noted that the company has already taken the necessary steps to block the hacker’s access to its network.

“We are confident that there is no ongoing risk to customer data from this breach,” the US mobile carrier’s CEO added. “There is much work to do, and this will take time, and we remain committed to doing our best to ensure those who had information exposed feel informed, supported, and protected by T-Mobile.”

John Erin Binns, a 21-year-old American who is currently living in Turkey, is believed to be the one behind the massive breach. He allegedly gained access to over 100 servers on T-Mobile’s network after hacking into the company’s Washington state data center.

According to Binns, the initial attack vector was an unprotected and vulnerable router.

“Their security is awful,” the alleged attacker said. “I was panicking because I had access to something big.”

About the author

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.