[UPDATE] T-Mobile Hacker Said it Only Took Him a Week to Steal Data, Says Carrier Security is 'Awful'

Sophie Webster, Tech Times 26 August 2021, 07:08 pm

T-Mobile suffered from a massive data breach earlier this month, and the perpetrator, a 21-year-old American hacker, took responsibility for infiltrating the incident.

T-Mobile's Weak Security

The hacker, John Binns, said that the wireless company's weak security had helped him access numerous records filled with personal data of more than 50 million T-Mobile customers.

In an exclusive interview with The Wall Street Journal, the hacker, who grew up in Virginia in the United States but now resides in Turkey, revealed that he could break through the carrier's defenses after discovering an unprotected and exposed router.

Binns used several online usernames since 2017 and said that he had been scanning the carrier's internet addresses for weaknesses via a tool available to the public.

Also Read: T-Mobile New 5G Phone Could be Cheaper than an AirPods Pro

Binn said that the security of T-Mobile is "awful." He had been talking to The Wall Street Journal through Telegram messages. He then detailed how he was able to hack the company's records.

The hacker had not stated whether he had sold the data or not or whether someone had paid him to target T-Mobile.

The hack is the third major data leak that the wireless network has made public in the past two years, according to The Washington Post.

According to the company, the latest hack stole personal details from more than 54 million customers, including their Social Security numbers, complete names, addresses, birth dates, and phone numbers.

Many of the stolen records were said to be from prospective clients or from former ones that have since changed carriers.

T-Mobile began informing its customers of the data breach days after it happened as the company was not immediately able to determine if personal details were involved.

The company reminded its customers to update their passwords and personal identification number or PIN codes.

T-Mobile is currently investigating an underground forum where the data are alllegedly posted.

Hacker Says Stealing the Data Was Easy

T-Mobile is the second-largest mobile carrier in the United States as it has more than 90 million phones connected to its networks. The Federal Bureau of Investigation or the FBI is currently looking into the hack, according to Engadget.

Meanwhile, Binns revealed that it only took him a week to get into the company's servers.

The wireless network stated that they had their security hole repaired immediately to prevent another breach since the hack happened.

What remains unclear is whether Binns did it on his own or if he had some help. The 21-year-old revealed that the reason why he did it is that he wanted to draw attention to his persecution by the U.S. government. He wanted to generate noise.

In his interview, he described an alleged incident in which he said he was kidnapped while he was in Germany and forced to stay at a fake psychiatric hospital.

Binns said that he did not know where that story came from, and he has no reason to create a fake kidnapping story. He wants someone from the FBI to clear his name.

In 2020, he sued the Central Intelligence Agency or the CIA, the FBI, and other U.S. federal agencies to make them fulfill a federal record request that he had made for information about the botnet attacks.

The lawsuit is still open in the U.S. District Court in Washington, D.C.