T-Mobile recently suffered a significant data breach that saw sensitive data from more than 50 million current, prospective, and former customers stolen.
John Binns, a 21-year-old American who lives in Turkey, told The Wall Street Journal that he is responsible for the attack. Binns said that he discovered an unprotected router in July after scanning T-Mobile’s known internet addresses for weak spots.
He used the unprotected router to access T-Mobile’s data center located in Washington, where stored credentials provided him access to over 100 servers. He said he initially panicked because he “had access to something big,” and went on to claim that T-Mobile’s “security is awful.”
It took him about a week to sort through the servers to find the personal data on millions of customers, and he downloaded the data on August 4. On August 13, T-Mobile was informed that someone was selling T-Mobile customer data, and T-Mobile confirmed the breach just days later.
T-Mobile has since said that data from more than 50 million customers was accessed. Stolen data includes customer names, dates of birth, SSNs, ID cards, and licenses. The Wall Street Journal took steps to confirm that the hacker selling the data was Binns, using his IRDev online alias.
Binns told The Wall Street Journal that he hacked T-Mobile to “generate noise” and get attention, as he had allegedly been the victim of an illegal kidnapping that saw him taken to a fake mental hospital in Germany. Binns would not say whether he had sold any of the data that he stole, and it is not clear if he had accomplices. The Seattle office of the FBI is investigating the hack.
Affected T-Mobile customers can receive two years of free identity protection services through McAfee’s ID Theft Protection Service and can implement Account Takeover Protection features.