T-Mobile, one of the world's largest mobile telecommunications carriers, was the target of a major hack that exposed the private information of more than 50 million subscribers.
Millions of people have been exposed to potential identity theft and other dark web-enabled cyber-criminal threats as a result of the major hacking event.
The corporation recognized the cyber-attack on August 17 and stated that threat actors had gained access to sensitive data. T-Mobile initially stated that the attack had affected almost 40 million subscribers, but later clarified that the total number of current, former, and prospective customers was 54 million.
According to reports, the cyber-criminals accessed user information such as names, residences, Social Security numbers (SSNs), dates of birth, and driver's license information.
The hackers also took some IMEIs, IMSIs, and account Personal Identification Numbers (PINs) from a number of clients. Nonetheless, T-Mobile claims that no financial information, such as credit card numbers, was exposed as a result of the incident.
In response to the data leak, the company apologized for the breach and stated that it has hired a cyber-security firm to help strengthen the company's cyber defenses.
Whos is behind the attack?
Given the nature of most current cyber-attacks, identifying the true culprits of a data breach is a difficult undertaking. A 21-year-old American who claimed responsibility for the T-Mobile breach was recently interviewed by the Wall Street Journal.
The alleged hacker, John Binns, described the data loss and implied that he staged the cyber-attack in order to "attract attention".Binns contacted the Wall Street Journal via Telegram using an online identity, according to the Wall Street Journal.
Binns referred to the cyber-security of the company as "terrible" and stated that the company's inadequate security made it easy for him to obtain illegal access to internal systems and gather the data of more than 50 million subscribers.
The vagueness of Binns' motive has subsequently been revealed by the Wall Street Journal. No one knows if the hacker worked alone or as part of a wider organization of cyber-criminals. The self-described hacker, who moved to Turkey a few years ago, refused to say whether he profited financially from the attack or from selling the stolen client data.
Despite this, the Federal Bureau of Investigation (FBI) in Seattle is said to be investigating the issue.
Cyber-attacks are still skyrocketing
The latest breach took people by surprise considering T-Mobile has been rocked with breached in recent times. These attacks pose a huge threat to the 90 million active users of T-Mobile services.
Importantly, the T-Mobile intrusion is just one in a slew of high-profile cyber-attacks that have rocked American businesses and organizations in recent months.
A "mega" ransomware attack hit the Florida-based IT firm Kaseya and its corporate clients not long ago, affecting around 200 U.S. businesses. The Russian-linked hacking group REvil was responsible for the cyber-attack, which was regarded one of the most damaging cyber-extortion rings in recent history.
In light of state-backed cyber-crime that has been attributed to Russia, the REvil ransomware group has gotten a lot of attention from numerous stakeholders, including the Biden administration.
So far, the flourishing economy of dark web-enabled cyber-crime appears to be operating within international law enforcement's grasp. The well-funded cyber-security sector has been trying to keep up with a recent rash of cyber-attacks exacerbated by COVID-related socioeconomic conditions. One thing that is obvious is that cyber-security experts need to step up their game to keep up with all the latest cyber-attacks.