Tag Archive for: Awful

Hacker Claims T-Mobile’s ‘Awful’ Security Gave Him Access to 50 Million Accounts

Now living in Turkey, hacker John Binns shared with the Wall Street Journal how he breached T-Mobile’s network and gained access to 50 million accounts in July. He didn’t use any sophisticated tools or highly complex methods to breach T-Mobile’s security. Instead, the hack job was made easy because the mobile carrier’s security is lax, claims Binns.

Binns said he could access T-Mobile’s network through an unprotected router in the company’s data center near East Wenatchee, Washington. He discovered the vulnerable piece of hardware using a publicly available scanning tool that he pointed at T-Mobile’s widely known internet addresses.

“I was panicking because I had access to something big,” said Binns to the Wall Street Journal. “Their security is awful.”

Binns is a known hacker who has been perfecting his craft online since 2017 using various online aliases. He shared the details on this T-Mobile hack with the WSJ before the wireless carrier publicly confirmed the intrusion.

Binns declined to confirm whether he was paid to conduct the hack or sold the data he obtained.

T-Mobile CEO Mike Sievert said he was “truly sorry” for the intrusion that affected 50 million people. 

“We didn’t live up to the expectations we have for ourselves to protect our customers. Knowing that we failed to prevent this exposure is one of the hardest parts of this event.”

T-Mobile CEO Mike Sievert via AP

The company confirmed that the hack exposed names, social security numbers, driver’s license information, and more. Over 40 million customers who applied for T-Mobile credit were affected by this breach. Also involved were 7.8 million current T-Mobile subscribers who pay for their service on a monthly basis.

T-Mobile has reached out to those accounts that were compromised in this breach. If you are not sure if your account was involved, you can contact T-Mobile customer service or log into your account.

Those who were not affected should see a banner on their account page that confirms the hacker did not steal their account data.


T-Mobile customers are left feeling frustrated as hacker comes forward, calling the company’s security ‘awful’

a man standing in front of a sign: Drew Angerer/Getty Images

© Provided by Business Insider
Drew Angerer/Getty Images

  • An American man living in Turkey claims to be the hacker behind a massive T-Mobile breach, the Wall Street Journal reported.
  • T-Mobile customers are left feeling frustrated by their wireless carrier over security concerns.
  • Customers are experiencing fraudulent charges on debit cards and spam calls and text messages after the breach.
  • See more stories on Insider’s business page.

T-Mobile customers are dealing with the fallout of a security breach that exposed the personal information of more than 53 million people, with some telling Insider they’ve recently experienced fraudulent charges on debit cards and spam calls and text messages.


Load Error

Customers also expressed frustration that the man who took responsibility for the attack said it was easy.

“Their security is awful,” John Binns, a 21-year-old American who now lives in Turkey, told The Wall Street Journal on Friday, claiming to be the hacker behind the breach.

Binns gained access to the servers after discovering an unprotected router by scanning T-Mobile’s internet address for weak spots, The Journal reported. Over 53 million people had personal information compromised in the hack such as names, addresses, dates of births, phone numbers, Social Security numbers, and driver’s license information.

Many customers are now dealing with the repercussions of the hack and feel as though T-Mobile is not doing enough to protect them as some information hits the dark web.

Eddie Richards, a T-Mobile customer from Elizabethtown, Kentucky, told Insider he did not know about the hack until it reached the news. Richards is part of T-Mobile’s family plan, and while only the primary account holder was notified of the data breach by the company, he believes that all customers should have been made aware.

“It just frustrates me, honestly,” Richards said. “If our data is a priority for you guys to keep safe, how come I haven’t gotten a notification or anything like that?”

Gallery: If You Hear This When You Answer the Phone, Hang Up Immediately (Best Life)

a woman sitting at a table using a laptop computer: In the era of overactive group texts and social media overload, getting a phone call from a friend or loved one with good news has become something of a special event again. Unfortunately, it's also become next to impossible to figure out which incoming calls are from someone you actually want to speak to and not just another annoying robocall. And even though those anonymous spam calls might seem they're just a nuisance, they can actually be targeted scams that can put your personal information at risk. Thankfully, officials at the Federal Communications Commission (FCC) say there are a few simple tricks that can tell you when you should hang up the phone immediately—and others that can help cut back on unwanted calls altogether. Read on to see how you can spare yourself from having to cut the cord.RELATED: If You Use This Popular Cell Service, Your Phone May Not Work Soon.

The telecom company has previously said that no financial information was compromised in the breach, but…


T-Mobile hacker calls the carrier’s security ‘awful’ in new interview

It’s been over a week since T-Mobile confirmed a hack of its servers affecting tens of millions of customers. The carrier closed the access point quickly, but the hacker had already started selling stolen data by then. This week, as T-Mobile deals with the fallout of the breach, a hacker claiming responsibility for the attack sat down with The Wall Street Journal for an interview. In the interview, the hacker, John Binns, rakes T-Mobile over the coals for its poor security.

The T-Mobile hacker speaks out

Binns told the WSJ that he first discovered an unprotected router of T-Mobile’s in July. He said he had been scanning T-Mobile’s known internet addresses for vulnerabilities using a tool that anyone could download. He wouldn’t say whether or not he had actually sold any of the data he stole, although the initial Motherboard report made it clear that the data was up for sale.

After infiltrating T-Mobile’s data center in Washington, Binns had access to over 100 servers. It then took him about a week to dig through the servers containing personal information from current and former subscribers. On August 4th, he lifted the data that he would later try to sell.

“Their security is awful,” Binns told the WSJ over Telegram in the interview.

The story only gets stranger

Beyond profiting off of stolen data, Binns also wants to bring attention to his alleged persecution by the US government. Binns says he grew up in the US, but moved to Turkey three years ago. A relative in the US tells the Journal that Binns called last year claiming to be a computer expert that had been kidnapped and taken to a hospital against his will.

“He gushed about how he could do anything with a computer,” his relative explained.

Binns apparently repeated these claims in Telegram messages with the Journal. He says that he was abducted in Germany and put into a fake mental hospital.

“I have no reason to make up a fake kidnapping story and I’m hoping that someone within the FBI leaks information about that,” he explained to the Journal, revealing that this was the reason that he wanted to come forward and speak publicly about the hack.

Following the hack, T-Mobile announced that it would…


Hacker takes credit for 54 million T-Mobile data breach, calls security ‘awful’

A hacker who claims to be behind last week’s T-Mobile data breach that compromised 54 million people’s personal data told The Wall Street Journal in a story published today (Aug. 26) that the company’s “security is awful.” 

John Binns, a 21-year-old American living in Turkey, his mother’s homeland, told the newspaper that he found an unprotected T-Mobile router online in July, then used that to pivot on Aug. 4 into more than 100 servers containing personal data of current and former customers at a T-Mobile data center in central Washington state.