Today, T-Mobile’s CEO Mike Sievert said that the hackers behind the carrier’s latest massive data breach were able to brute force their way through T-Mobile’s network after gaining access to testing environments.
The attacker could not exfiltrate customer financial information, credit card information, debit or other payment information during the incident.
However, T-Mobile says that he stole records belonging to 54.6 million current, former, or prospective customers, containing SSNs, names, addresses, dates of birth, and driver license/ID information.
“No ongoing risk to customer data”
“While we’re actively coordinating with law enforcement on a criminal investigation, we’re unable to reveal too many details,” Sievert said in a statement published earlier today.
“What we are able to share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.”
Sievert added that, following an investigation supported by Mandiant security experts, the company closed the access points used by the hacker to breach T-Mobile’s network.
“We’re confident that there is no ongoing risk to customer data from this breach,” the US mobile carrier’s CEO added.
“There is much work to do, and this will take time, and we remain committed to doing our best to ensure those who had information exposed feel informed, supported, and protected by T-Mobile.”
This is the sixth major data breach T-Mobile publicly acknowledged in the past four years:
Hacker makes fun of T-Mobile’s ‘awful’ security
John Erin Binns, a 21-year-old American now living in Turkey, claims to be the one behind this massive breach according to a Wall Street Journal report from Thursday.
After hacking into their Washington state data center, he purportedly gained access to credentials for more than 100 servers on T-Mobile’s network.
According to Binns’ claims, the initial attack vector used to breach the T-Mobile network was an Internet-exposed and unprotected router.
“Their security is awful,” the alleged attacker said. “I was panicking because I had access to something big.”
In his Telegram chat with the WSJ, Binns avoided confirming if he was paid to hack into T-Mobile’s systems or if he sold any of the stolen data to others.
As BleepingComputer reported almost two weeks ago, a threat actor was selling what he claimed to be a database containing the personal info of roughly 100 million T-Mobile customers on a hacking forum.
He also said the attack’s goal was to “retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019.”
Binns sued the FBI, CIA, and Department of Justice in 2020 for being tortured and harassed. He’s trying to force the USA to release documents exposing these activities under the Freedom of Information Act.
Any threat actors who got their hands on the data of T-Mobile customers stolen in this incident can use it in highly dangerous SIM swapping attacks that could allow them to take over victims’ online accounts and steal their identity.
All potentially affected customers should be on the lookout for suspicious emails or text messages pretending to come from T-Mobile and should not click on any embedded links if they spot one, to prevent having their credentials stolen.
A T-Mobile spokesperson was not available for comment when contacted by BleepingComputer earlier today to confirm Binns’s claims.