A hacker takes responsibility for the T-Mobile data breach that exposed the information of more than 50 million people. The hacker, John Binns, says that due to T-Mobile’s lax security, he could easily access a cache of user records with information on millions of subscribers.
According to a report by the Wall Street Journal, John Binns, says that he was behind the attack on T-Mobile and also provided evidence of the accounts associated with it. He also went into detail about T-Mobile’s security and how he was able to pull it off.
Hacker’s Statement about T-Mobile Security
According to Binns, he was able to get his hands on customer data after discovering an unprotected T-Mobile router exposed on the internet. He also said that he had been scanning for T-Mobile’s internet addresses to find an unprotected router with a simple online tool.
He told the Jornal that the unprotected router gave him access to a state data center in Washington – and it stored credentials of over 500+ T Mobile servers. He also said that T-Mobile’s security is “awful” as he could access so much data with a single unprotected server.
The hacker shared a screenshot of the T-Mobile server displaying a warning against unauthorized access. (Image: WSJ)
Mr. Binns said that the entry point allowed him to hack into T-Mobile data centers outside East Wenatchee, Washington, where the stored credentials gave him access to over 100 servers.
“I was panicking because I had access to something big. Their security is awful,” wrote Binns to Jornal.
He said that it took him a week to break into servers that contained information on tens of millions of customers. The information includes names, addresses, Social Security Numbers, driver’s license information, and more.
The 21-year old hacker said that he did this to gain attention. He wrote, “generating noise was one goal.” He declined to say anything about selling the data online or whether he was working with someone to breach T-Mobile.
In 2020 Binns, filed a lawsuit against the CIA, FBI, and DOJ, demanding what information they had on him. He also accused the government of his kidnapping and other things, including an informant convincing him to buy Stinger missiles off an FBI-owned website.
He told the Jornal that through this attack, he wanted to generate noise, hoping someone in the FBI would leak information regarding his alleged kidnapping.
The Seattle office of the FBI is investigating the T-Mobile data breach. “The FBI is aware of the incident and does not have any additional information at this time,” said the FBI Seattle office in a statement on Wednesday.
T-Mobile’s Response to the Data Breach
On August 13, a security research firm Unit221B LLC reported that an account was trying to sell customer data of millions of T-Mobile users. Two days later, T-Mobile acknowledged the data breach.
After the attack, T-Mobile confirmed that more than 50 million customer records had been compromised. T-Mobile also said in a statement that:
“We have located and immediately closed the access point that we believe was used to illegally gain entry to our servers.”
Mr. Binns, who goes by the online aliases IRDev, and v0rtex, among others, shared screenshots with the Journal, showing access to T-Mobile’s network. In a statement, Unit221B also said that someone with an alias IRDev keeps reaching out to hackers online trying to sell T-Mobile data before it the news became public.
It is still unclear whether Mr. Binns worked alone, or was it a collaborative effort, as another hacker online offered to sell some T-Mobile stolen data.
Several cybersecurity experts say that the recent T-Mobile data breach shows that the company needs to improve its defenses.
Increasing CyberSecurity Threats
This recent T-Mobile data breach in August was part of the string of high-profile cyberattacks in the USA, as cybercriminals easily walk away with the personal data of millions of consumers.
Another recent event was the AT&T data breach, where a hacker claimed to have stolen the database of more than 70 million customers. T-Mobile data breach is the third major attack in the past 2 years.
As the cybersecurity threats keep rising in the US, with large companies being the main target of hackers, President Joe Biden recently called a CyberSecurity meeting with CEOs of all major tech companies like Apple, IBM, Microsoft, Amazon, Google, and more.
The FBI has not made any official response to this news. However, if Binns’ reports about how he gained access to T-Mobile data are true, then it raises concern regarding cybersecurity practices of the second-largest US mobile-carrier company with over 90 million users.