T-Mobile has been hacked yet again—but still doesn’t know what was taken

Front page layout
Site theme
Sign up or login to join the discussions!

T-Mobile said on Monday that hackers breached its internal servers and that company investigators are in the process of determining if the incident involves the theft of sensitive customer data.
“We have determined that unauthorized access to some T-Mobile data occurred, however we have not yet determined that there is any personal customer data involved,” the company said in a statement. “We have been working around the clock to investigate claims being made that T-Mobile data may have been illegally accessed.”
The statement came a day after Motherboard reported that a forum post was advertising a massive trove of data for sale. The post didn’t mention T-Mobile, but the seller told the publication that data related to more than 100 million people and that it came from T-Mobile servers.
The seller reportedly said that the data included Social Security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver’s license numbers. Motherboard confirmed that samples of data made available by the seller “contained accurate information on T-Mobile customers.”
Ars has been unable to confirm the authenticity of the claims made by the person who published the post and spoke to Motherboard.
By some counts, T-Mobile has experienced as many as six separate data breaches in recent years. They include a hack in 2018 that gave unauthorized access to customer names, billing ZIP codes, phone numbers, email addresses, and account numbers. In a breach from last year, hackers absconded with data including customer names and addresses, phone numbers, account numbers, rate plans and features, and billing information.
According to reporting by journalist Jeremy Kirk, the person responsible for the latest T-Mobile hack claimed that they obtained unauthorized access by exploiting a misconfigured GPRS gateway, which carriers use in 2G or 3G cellular communications.
The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied.
If claims that data for 100 million people have been hacked prove to be true, this latest breach will be among the largest carrier data breaches ever.
You must to comment.
Join the Ars Orbital Transmission mailing list to get weekly updates delivered to your inbox.
CNMN Collection
WIRED Media Group
© 2021 Condé Nast. All rights reserved. Use of and/or registration on any portion of this site constitutes acceptance of our User Agreement (updated 1/1/20) and Privacy Policy and Cookie Statement (updated 1/1/20) and Ars Technica Addendum (effective 8/21/2018). Ars may earn compensation on sales from links on this site. Read our affiliate link policy.
Your California Privacy Rights | Do Not Sell My Personal Information
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé Nast.
Ad Choices

Tech Consultant Chris Hood and Business Strategist.

Leave a Reply

Your email address will not be published. Required fields are marked *