Companies of all sizes can fall prey to cyberattack. Just ask T-Mobile, one of the largest telecommunications companies in the world and a recent victim of criminal hacking.
The massive data breach compromised the personal information of more than 54 million people, putting nearly half of the company’s customer base at risk. Among the data stolen were social security numbers, driver’s license information, birth dates, and other information criminals could use to steal identities and create fraudulent accounts.
Here’s what we know so far.
A cyberattack on T-Mobile servers exposed the personal information of more than 50 million people, including social security numbers, birth dates, drivers license information, and other sensitive customer data.
The company announced that it was investigating a breach on August 16th, one day after Vice reported that an underground forum post was attempting to sell personal information obtained from T-Mobile servers for 6 bitcoin (or roughly $276,000).
T-Mobile soon confirmed the hack, reporting that “(our) systems were subject to a criminal attack that compromised data of millions of our customers, former customers, and prospective customers.”
Who is the hacker?
John Binns, a 21-year-old American with a prior history of cybercrime, has claimed responsibility for the attack. He is currently living in Izmir, Turkey, where he moved with his mother when he was 18.
Binns first reached out to Alon Gal, co-founder of cyber intelligence firm Hudson Rock, claiming to have carried out the attack to harm U.S. infrastructure. Gal would later share Binns’ messages regarding the attack on Twitter.
Binns would go on to speak publicly about the attack in an interview with the Wall Street Journal. He provided proof of his involvement to WSJ via Telegram and claimed he conducted the attack “to generate noise”.
The Wall Street Journal could not confirm if Binns was working alone or had an accomplice, though he did mention needing help acquiring login credentials for T-Mobile servers.
How did he hack T-Mobile?
That depends on who you ask.
Binns told the WSJ that he gained access to T-Mobile servers through an unprotected router in late July. While searching for gaps in T-Mobile’s security defenses, he was able to infiltrate a data center in Washington that gave him access to more than 100 company servers.
By August 4, he had accessed the servers storing personal information and stolen millions of files.
“Their security is awful,” Binns said.
Of course, T-Mobile characterizes the breach in a different way. According to CEO Mike Sievert, “the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.”
Who was affected?
T-Mobile released a statement on August 20 confirming that the names, birth dates, social security numbers, phone numbers, driver’s licenses, and IMEI information for approximately 7.8 million customers was stolen in the breach. More than 5.3 “current postpaid customer accounts” were also accessed.
Over 40 million former or prospective customers were also compromised, exposing their names, social security numbers, birth dates, and drivers license information. More than 850,000 active T-Mobile prepaid customers also had information like their names, phone numbers, and account PINs illegally accessed.
According to their latest statement, T-Mobile has notified almost all customers affected by the data breach. Customers who are believed to be safe from the breach will see a banner announcement on their account login page.
How is T-Mobile responding?
T-Mobile is offering any customer who might have been affected two years of free identity services through McAfee’s ID Theft Protection Service. They are also recommending that customers sign up for their free scam-blocking protection through Scam Shield.
Moving forward, T-Mobile has tightened their defenses through “long-term partnerships” with Mandiant, a cybersecurity company, and KPMG LLC, a consulting firm.
Are You the Next Victim of a Cyber Attack?
Take our security quiz below to find your cyber risk score.
Phillip Long – CISSP, CEO of BIS Technology Group, along with his team of marketing and information technology experts, will walk you through an overview of what your business should be doing to protect your data and plan your digital marketing strategies.