T-Mobile is a well-known brand name that is widely used by some of the mobile communications subsidiaries of the German telecommunications company Deutsche Telekom AG in the Czech Republic, Poland, and the United States, and by the former subsidiary in the Netherlands.
Founded in the year 1999, it has markets in Poland, the Netherlands, the Czech Republic, and the United States.
T-Mobile’s only motivation is its customers; they are what inspire the company and drive it to look for new and innovative ways to keep them seamlessly connected to what matters most to them.
While everything was going smoothly for this amazing company, on August 17, 2021, T-Mobile released a statement confirming that its systems had been subjected to a criminal cyberattack. The attack compromised the data of millions of T-Mobile’s customers, including former and prospective customers. According to the statement, an investigation had been started on the basis of a report from someone who claimed to have compromised T-Mobile’s servers.
The damage was big, no doubt. The data of around 40 million people was compromised in this recent data breach. This included 7.8 million current T-Mobile customers who were paying monthly for the phone services they used. Of the 104 million customers T-Mobile had, nearly half were affected by this attack.
The kind of information exposed was enough for a stranger to set up an account in someone else’s name or even hijack an existing one.
Luckily, the most critical data of any customer was not stolen, this included;
Although the company itself declared that the data of around 40 million people was compromised, a Twitter account that was advertising the stolen data for sale claimed that the attack had affected all 100 million customers, and that the data also included IMEI/IMSI data for 36 million customers, which can easily identify specific devices or even SIM cards. However, T-Mobile did not confirm any of this and stood by its original statement.
After this incident, T-Mobile had to add a page on its site that would allow customers to change their PINs and passwords.
With that, they also offered two years of free identity protection services from McAfee. They also recommended that all their postpaid customers change their PIN.
The attack left the entire T-Mobile family not only disappointed but frustrated as well. Their only aim is to keep customers’ data safe, and they failed to do so. Thankfully, an investigation led by experts allowed them to understand what had happened, how many people were affected and to what extent, and then they were able to bring it under control gradually.
Now comes the real question: how did the attack happen, and how was an ordinary hacker able to hack such a database?
Well, the hacker was brave enough to take full responsibility for the breach. According to the 21-year-old John Binns, the security of T-Mobile was just awful. He infiltrated T-Mobile after the company’s misconfigured Gateway GPRS Support Node was exposed on the internet. In simpler words, Binns was able to find an unprotected router using a publicly available tool, and from there he searched for weak spots in T-Mobile’s known internet addresses. That is how he was able to get information on around 40 million customers.
The good news here was that only general information of customers was exposed and no financial information was leaked or compromised.
This attack wasn’t the first one, as there have been several data breaches over the past few years.
The problem here is the absence of security controls, which allows hackers to easily get into T-Mobile’s systems. A data breach of this magnitude at T-Mobile only happened because there were too many loopholes in their system. Even the hacker claimed that there was a configuration problem on an access point that the company used for testing, and that this issue made the access point available to the public on the internet. All the hacker had to do was find that particular gate.
All of this could have been avoided if the company had been conducting a properly scoped penetration test right from the beginning. They should have used their internal network monitoring tools. Had they used cybersecurity techniques in the best possible manner, they would have been able to identify, test, and highlight any kind of vulnerability in their security posture. This could have prevented at least some of these attacks to a great extent.