T-Mobile confirmed the fact of hacking and penetration into its network

Telecommunications giant T-Mobile has confirmed that its systems have been compromised, with company officials saying the attacked hacked their internal servers. Exact type of information that was stolen remains unclear.

Earlier this week, a hacker forum announced the sale of personal data to approximately 100 million T-Mobile customers. The seller claimed that two weeks ago, he hacked into the company’s servers (production, staging, and development servers, including the Oracle server that contained customer data), gaining access to an unsecured T-Mobile GPRS gateway, and stole the data from there.

The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied.Jeremy Kirk, topic observer of the global IT security tweeted.

T-Mobile confirmed the fact of hacking

The attacker estimated the entire dump at 6 bitcoins (about $280,000), claiming that in total the database contains information on 100 million people, including IMSI, IMEI, phone numbers, names, security PINs. Worse, roughly 30 million more people have dates of birth, driver’s license numbers, and even social security numbers.

T-Mobile confirmed the fact of hacking

Now, representatives of T-Mobile have released an official statement, in which representatives of the company confirmed that the hack did take place. The company has not yet reported any details of the incident.

We have determined that there has been unauthorized access to some T-Mobile data, but we have not yet determined whether any customer personal data has been affected. We are confident that the entry point used to gain access [to our systems] has already been closed, and we are currently conducting an in-depth technical analysis of the situation to determine the nature of the data that could be obtained illegally.says the press release.

The company also said it was working day and night to investigate allegations that T-Mobile’s data could have been illegally accessed. And they assured that they take customer protection very seriously and, together with digital forensics experts, are conducting extensive analysis to understand the validity of these claims, and that T-Mobile is coordinating with law enforcement agencies.

Let me also remind you that we talked about the Indonesian authorities that Block Access to RAID Forum Due to Data Leakage.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button