Mike Sievert, T-Mobile’s CEO, has issued an official statement concerning the extensive hack that unfortunately endangered millions of users as their sensitive information was compromised during the leak.
While admitting that the company had failed to keep their customer’s data safe, he further said:
“The last two weeks have been humbling for all of us at T-Mobile as we have worked tirelessly to navigate a malicious cyberattack on our systems. Attacks like this are on the rise and bad actors work day-in and day-out to find new avenues to attack our systems and exploit them.
We spend lots of time and effort trying to stay a step ahead of them, but we didn’t live up to the expectations we have for ourselves to protect our customers. Knowing that we failed to prevent this exposure is one of the hardest parts of this event. On behalf of everyone at Team Magenta, I want to say we are truly sorry.”
Sievert further confirmed that the company hired Mandiant to investigate the incident and said they have since disabled the server entry points that allowed John Binns – the alleged hacker, access to T-Mobile data.
According to Sievert,
The hacker leveraged their understanding of technical systems, along with specific tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data. In short, this individual’s intent was to break in and steal data, and they succeeded.
Sievert didn’t provide more information about the breach or the investigation status as the company is currently fully cooperating with law enforcement concerning the investigation.
John Binns, a 21-year-old hacker, claimed responsibility for the attack while mocking T-Mobile’s cybersecurity. The attacker confessed to the crime while adding that he did it because he was furious at US law enforcement agencies for reportedly torturing him in Germany and Turkey.
Sievert also stated that T-Mobile had signed “long-term partnerships” with Mandiant and KPMG LLG to develop its cybersecurity to increase its capacity to defend customers from cybercriminals.
As I previously mentioned, Mandiant has been part of our forensic investigation since the start of the incident, and we are now expanding our relationship to draw on the expertise they’ve gained from the front lines of large-scale data breaches and use their scalable security solutions to become more resilient to future cyber threats.
Both Mandiant and KPMG LLG will develop strategic plans to decrease and steady cybersecurity risks at T-Mobile. Cybersecurity experts from both companies will execute a thorough review of all T-Mobile security policies and performance measurements. They will concentrate on directions to recognize gaps and areas of improvement.
Our investigation into the cybersecurity attack against @Tmobile & our customers is substantially complete. We didn’t live up to the expectations we have of ourselves to protect customer data. Here's how we're taking our security efforts to the next level.
— Mike Sievert (@MikeSievert) August 27, 2021
In the wake of this attack, T-Mobile has already put a banner on the T-Mobile account log-in page to notify the user if they were affected.
In addition, the company will also offer two years of free McAfee’s ID Theft Protection Service and recommend the users sign up for T-Mobile’s free scam-blocking protection.
With four data breaches in the last three years, it is still unclear as to why T-Mobile was storing customers’ sensitive data such as driving licenses or social security numbers without encrypting them.
While it is unclear how T-Mobile will prevent such attacks from taking place in the future, it is always a good idea to stay cautious about cybersecurity statistics. When something as simple as Microsoft Excel can be exploited to run mass-scale phishing attacks, mobile network vulnerabilities can cause far more damages.
Hackers like John Binns steal user data so that they can extort money. Whatever information gets stolen, becomes available on the Dark Web for bidders to purchase and use for any malicious intent.