Zack Whittaker reports:
T-Mobile has confirmed that millions of current and former customers had their information stolen in a data breach, following reports of a hack over the weekend.
In a statement, T-Mobile, which has more than 100 million customers, said its preliminary analysis shows 7.8 million current postpaid T-Mobile customers had information taken in the data breach. The carrier said that some personal data on current and former postpaid was also taken, including customer names, dates of birth, Social Security numbers, and driver’s license information for a “subset” of current and former postpay customers and prospective T-Mobile customers.
But as the annoying TV commercials always say, “But wait — there’s more!” And in this case, it’s more bad news.
Read more on TechCrunch.
On August 16, Jeremy Kirk provided some additional claims.
The person who claims to have compromised T-Mobile says the company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet. That allowed the person to eventually pivot to the LAN. Proof screenshot supplied. pic.twitter.com/tBMvRBmG0r
— Jeremy Kirk (@Jeremy_Kirk) August 16, 2021
He later added:
Eventually, the person says they were able to brute force/credential stuff SSH on more than 100+ servers, some Oracle. No rate limiting on those servers because they’re internal, person says. Person is based in Belarus.
Jeremy provided additional coverage on DataBreachToday.com, but there’s still a lot that is unconfirmed, including allegations about @IntelSecrets.