Hacker blasts T-Mobile for lax security after stealing troves of customer data

on Aug 27, 2021
  • John Binns takes responsibility for hacking into T-Mobile's customer data.
  • The wireless network operator has now taken care of the security loophole.
  • Cybersecurity experts are concerned about T-Mobile's cybersecurity practices.

Follow Invezz on Telegram, Twitter, and Google News for instant updates >

Only days after T-Mobile U.S. Inc (NASDAQ: TMUS) confirmed that a cyberattack stole records of over 50 million customers, John Binns took responsibility for the hack and blasted the company’s security practices, the Wall Street Journal reported on Thursday.

Are you looking for signals & alerts from pro-traders? Sign-up to Invezz Signals™ for FREE. Takes 2 mins.

Did Binns sell the data?

Copy link to section

Binns said his scan for unprotected routers found one last month that gave him access to T-Mobile’s Washington state data centre.

Hacking into it, he used the stored credentials for more than 100 servers to steal customers’ personal data, including their Social Security numbers and cellular data related to the SIM cards and identification numbers for cell phones.

“I was panicking because I had access to something big. Their security is awful.”

The hacker hinted that he had help from others for at least part of the cyberattack. The WSJ report, however, failed to confirm if he was paid to breach T-Mobile or sold the customers data he stole.    

T-Mobile is United States’ 2nd largest wireless network operator, providing services to more than 104 million customers, as per its Q2 earnings report published in July.

T-Mobile says it has fixed the security loophole

Copy link to section

According to T-Mobile, it has now sealed the security loophole Binns used to gain access to its servers.

“We are confident that we have closed off the access and egress points the bad actor used in the attack,” the company said in a statement.

A T-Mobile spokeswoman, however, refrained from commenting on specific claims made by the hacker.

The cyberattack marked the third major hack into T-Mobile in the past two years that resulted in a breach of customer data. Such incidents, as per many cybersecurity experts, is a clear indication that T-Mobile needs to focus on improving its cybersecurity practices.

USA North America Stock Market Telecom World