Two weeks after the data breach at T-Mobile came to light, the provider can still share few details about the exact circumstances. However, the telecom company firmly denies that the security of customer data leaves something to be desired. In fact, the perpetrator used ‘specialized tools’, brute force attacks and other methods to break through the company’s IT infrastructure.
T-Mobile CEO Mike Sievert said so in a comprehensive statement. It is the first time the CEO has addressed the incident.
Blessing in disguise
Sievert says employees have worked tirelessly over the past two weeks to resolve the cyberattack on the company. Now that the data breach has been contained and the investigation has largely been completed, the general manager wants to have his say about the incident.
First of all, he reflects on recent events. He acknowledges that personal data and other data of millions of customers, former customers and potential customers (leads) have been stolen by the hacker. This concerns first and last names, addresses, identity data, social security numbers, IMEI and IMSI numbers. Sievert calls it a lucky break that no credit card details, information about payment terms and other financial data have been stolen. “To say we are disappointed and frustrated is an understatement,” he said.
Securing customer data is what the CEO calls ‘a responsibility that we take incredibly seriously. He, therefore, regrets that T-Mobile has failed to protect this data. “Attacks like these are on the rise and hackers are looking every day to find new ways to attack and exploit our systems. We invest a lot of time and energy to stay one step ahead, but we have not lived up to the expectations we have of ourselves to protect our customers. Knowing that we failed to prevent this exposure is one of the hardest parts of this event.”
‘Hacker made his way into our systems with brute force attacks’
Sievert offers his sincere apologies for the incident. He also promises to increase security measures. For example, the access point where the hacker penetrated the T-Mobile network has been closed. The CEO assures his customers that the danger has passed and no new data will be stolen.
The telecom company is working closely with enforcement authorities, who have started a criminal investigation for two weeks. In order not to jeopardize the investigation, the director cannot go into detail about the case at this time. What he does want to say is that there is nothing wrong with the security of the company. “What I want to share is, simply put, that the hacker used his knowledge of technical systems, specialized tools and expertise to access our test environments. He then used brute force attacks and other methods to force his way into other IT servers containing customer data,” said Sievert.
The CEO is convinced that the hacker deliberately attacked the company to steal customer data. Since the data breach was announced, T-Mobile has done everything it can to minimize the consequences and risks for victims. “There is still a lot of work to be done and that will take time. We will continue to do our best to ensure that customers whose data has been obtained feel informed, supported and protected by T-Mobile,” the CEO promises.
CEO: ‘We are stronger than ever’
Hackers are constantly evolving their attack methods. In order to fight against these practices in the long term, T-Mobile is entering into a partnership with cybersecurity company Mandiant and consultancy firm KPMG. “We know we need additional expertise to take our cybersecurity efforts to the next level. That’s why we called in help,” says Sievert. These schemes are part of a “significant multi-year investment” in the fight against hackers and cybercriminals.
“It’s about gathering the firepower we need to better fight criminals and build a forward-looking strategy to protect T-Mobile and our customers (…) I’m confident in these partnerships and optimistic about the opportunities they offer to help us put this terrible event behind us, with improved security measures and a much stronger position,” Sievert concludes his contribution on the data breach.
Hacker: ‘T-Mobile security is terribly bad’
Last week, ‘John Binns’ – the pseudonym of the hacker responsible for the data breach – said that the security of T-Mobile’s network is ‘terribly bad’. He used a tool to scan the provider’s network for weaknesses. He found an unsecured router that was connected to the internet. He managed to penetrate the data centre in Washington through the router. There he found login details of more than a hundred servers.
‘Binns’ took a week to study the contents of the servers. At one point, he came across the customer data of more than fifty million customers. “I panicked because I had access to something big,” he told The Wall Street Journal last week. He said he wanted to cause a stir with his action. Why he then offered the stolen data to a hacker forum on the dark web remains unclear.
T-Mobile will have to defend itself in court in the near future. Last week, the provider received two mass claims. The plaintiffs want compensation for the risks they face, compensation for the time they lost to prevent identity fraud and for the judge to impose security measures on the telecom company, including annual audits to check the systems.
Catch up on more articles here
Follow us on Twitter here