[BreachExchange] Hacker Admits To T-Mobile Data Breach, Targeted Unprotected Router

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Fri Aug 27 08:39:53 EDT 2021


https://www.pymnts.com/news/security-and-risk/2021/hacker-admits-t-mobile-data-breach-targeted-unprotected-router/

A hacker, taking responsibility for breaking into T-Mobile’s systems, said
the job hadn’t been difficult, The Wall Street Journal (WSJ) reported.

“I was panicking because I had access to something big,” John Binns, 21,
told WSJ. “Their security is awful.”

Binns moved to Turkey a few years back and has confessed that he was behind
the hack, according to the report. He communicated with WSJ via Telegram
messages and had details about the hack before they had become commonly
known.

Binns said he broke through the cell phone company’s defenses after
discovering an unprotected router exposed through the internet, the report
stated. He said he had been scanning the T-Mobile known internet addresses
for weak spots, using a tool that was available to the public.

He said part of his goal was “generating noise” but didn’t say whether he
had sold any of the stolen data, according to the report. He also didn’t
add whether he had been paid to hack the mobile phone giant. Binns said he
had been using the entry point of many users no longer with the company as
a way to hack the company. Stored credentials there had let him access over
100 servers.

T-Mobile has confirmed that over 50 million customer records had been
stolen and said the issues leading to the hack being possible had been
fixed, the report stated.

In the wake of the hack, T-Mobile has been offering free McAfee identity
protection services for two years. The company said “no phone numbers,
account numbers, PINs, passwords or financial information were compromised
in any of these files of customers or prospective customers.”

But the mobile phone carrier confirmed that there had been Social Security
numbers, full names, birth dates and driver’s license details stolen in the
hack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210827/8caf84db/attachment.html>


More information about the BreachExchange mailing list