“The intrusion came to light on Twitter when the account started tweeting the details,” he wrote in a blog post. This wasn’t a traditional ransomware attack given the hacker offered to sell the data versus approaching T-Mobile, but it’s a similar situation,” Townsend explained.īrian Krebs, an investigative cybersecurity journalist, reported that the person behind the hack is tied to the Satori IoT botnet. Overall, the attack “points to the growing issues tied to ransomware and the sophistication of hackers. “Until they can definitely tell us what data was stolen, I think we assume the hackers have the info.”
It remains unclear, or at least unconfirmed, how the attackers gained access to T-Mobile’s servers containing customer data, and “the problem is: T-Mobile doesn’t know either,” Kerravala said. Hacker Exploits Misconfigured 3G Mobile Core Will Townsend, senior analyst at Moor Insights & Strategy, said he’s confident T-Mobile will be transparent as the investigation unfolds and details of the breach become clear. “This is, I believe, what makes it unique and damaging.”Ĭrisis management fundamentals call for T-Mobile to be as transparent as possible and set up a helpline to address the deluge of customers’ concerns, he added. “If this is true, according to my understanding of the incident, the most concerning detail about this data breach is access to a database that ties names and phone numbers together, and the ability to identify someone’s carrier and fixed address,” Téral wrote in an email to SDxCentral.
T MOBILE SECURITY BREACH DRIVERS
That data includes a wide swatch of personal information, including names, phone numbers, social security numbers, physical addresses, unique device identifier data, security PINs, and drivers license information, according to Vice, which viewed samples of the data and confirmed the information contains accurate information on T-Mobile customers.
T-Mobile claims “the entry point used to gain access has been closed,” but the damage has been done, according to the hackers, which claim to have downloaded the data locally and backed it up in multiple locations. “Breaches happen, but the fact that T-Mobile can’t provide any details as to the scope of it is shocking.” Right now customers are left wondering if this is something they should be concerned about,” he added. “One of the things I find most concerning is that T-Mobile can’t yet verify what has or has not been stolen. “T-Mobile has been a favorite target of hackers over the past few years, and they really need a complete rethink of security,” Kerravala said. Stéphane Téral, chief analyst at LightCounting, agreed with that assessment, and both analysts noted that this marks T-Mobile’s sixth-known data breach in four years. “I believe this is the largest carrier breach on record,” Zeus Kerravala, principal analyst at ZK Research, wrote in response to questions. Roughly 32 hours after the data breach was first reported by Vice, T-Mobile confirmed that “unauthorized access to some T-Mobile data occurred,” but it has yet to determine the extent of the damage or if any personal customer information was compromised during the attack. Hackers breached T-Mobile US servers over the weekend and reportedly obtained personal information on more than 100 million customers. The operator suffered a massive data breach over the weekend that threatens to put it in unprecedented territory. T-Mobile US has an unmitigated security mess on its hands, leaving its entire customer base in the lurch.
0 kommentar(er)
