A person claiming to be behind the T-Mobile data breach that exposed almost 50 million people’s information has come out to identify his name and attack T-security According to the Wall Street Journal. T Mobile’s John Binns informed the WSJ that he was behind the attack and provided evidence that he could access accounts linked with it, and he went into detail about how and why he conducted it.
Binns claims that by scanning for unsecured routers, he was able to obtain customer (and past customer) data from T-Mobile. He discovered one, he told the Journal, which enabled him to get access to a Washington state data center that had credentials for over 100 servers. He described the carrier’s security as “terrible,” and he panicked when he realized how much data he had access to. According to the WSJ, it is unclear whether Binns worked alone, however, he suggested that he worked with others for at least part of the attack.
The hacker obtained access to sensitive personal data such as names, birthdates, and Social Security numbers, as well as critical cellular data such as identification numbers for smartphones and SIM cards. T-Mobile stated in a statement that it is “certain” it has “closed down the entry and egress points utilized by the bad actor in the operation.”
Binns told the WSJ that one of his aims in carrying out the attack was to “create noise,” and that he expects someone in the FBI would release details about his alleged kidnapping. Binns’ situation is unlikely to improve now that he has exposed himself as the guy who hacked one of the United States’ major carriers. However, if his claims about how he obtained access to a massive cache of T-Mobile data are genuine, it presents a troubling picture of the carrier’s security practices.