T-Mobile says latest hacker used specialized tools and ‘brute force’
T-Mobile said a cyberattack this month that exposed millions of customer records was carried out using specialized tools to gain entry to the network, followed by brute force-style hacking techniques to access user data.
“In short, this individual’s intent was to break in and steal data, and they succeeded,” Chief Executive Officer Mike Sievert said Friday in a statement, the company’s fullest account yet of what happened. The company has hired cybersecurity provider Mandiant Corp. and consulting firm KPMG to improve its defenses, he said.
The breach, the fourth that has compromised T-Mobile customer records in as many years, involved personal information including names, dates of birth, Social Security numbers and driver’s license information. Sievert said the company is working with law enforcement and can’t share further details of what happened.
The theft involved the records of more than 13 million current customers, along with more than 40 million prospective customers who had applied for credit with the company, and 667,000 former customers, according to a company statement last week. An additional 902,000 prepaid customers also had some data exposed.
“The sheer number of massive data breaches is a clear sign that something’s not right in the land of magenta,” said Tammy Parker,
an analyst with GlobalData, referring to the T-Mobile brand’s signature color.
The Federal Communications Commission said last week it is investigating the breach.
T-Mobile is also the subject of at least two class-action lawsuits accusing the company, the secondlargest U.S. wireless carrier, of failing to protect customers’ information.
T-Mobile was hacked twice last year, and in 2018, about 2.5 million customers had their data exposed
in a network breach. That attack became part of a federal class-action lawsuit.
A person on social media claiming to be a 21-year-old American living in Turkey has taken credit for the hack, according to the Wall Street Journal. John Binns claims to have cracked TMobile’s network over the course of a week and then tried to sell the data to willing buyers on the social media channel Telegram, according to the Journal.
Bloomberg was unable to confirm
his account.
T-Mobile could face fines if it is found responsible for security lapses.
“T-Mobile has an extremely loyal customer base, and that will be a benefit through this crisis,” Parker said. “But T-Mobile needs to reassure its customers, potential customers, regulators and lawmakers that it is not only taking cybersecurity seriously but that it is rapidly fixing the problems to prevent this from happening again.”