T-Mobile Cyber Attack Or Glitch? Firm Responds


T-Mobile, the international telecommunication company, has come under scrutiny again after claims of a T-Mobile cyber attack have surfaced online.

The hackers behind the claimed data leak following the cyber attack on T-Mobile have reached out to VX-Underground, a reputable entity known for curating information on malware and emerging threats, to share their side of the story.

According to VX-Underground’s tweet, the T-Mobile cyber attack was allegedly conducted by a hacker named ‘Doubl.’ Moreover, the cybercriminal responsible for the data release, known as ‘Emo,’ is reportedly affiliated with the online forum BreachForum.

In response to these claims, T-Mobile has issued a statement denying any cyber attack on T-Mobile. The telecommunications giant asserts that the incident was, in fact, a result of a temporary system glitch, specifically tied to a planned overnight technology update.

Moreover, T-Mobile maintains that this glitch only affected a limited amount of account information, impacting fewer than 100 customers, and was promptly resolved.

T-Mobile Glitch Causing a Commotion

Researchers wrote that the T-Mobile cyber attack compromised its employees’ Personal Identifiable Information (PII).

TMobile cyber attack
Bill posted by a user on Twitter (Photo: Twitter/ X)

This is the eighth time the telecommunications giant has been targeted by cybercriminals.

The recent T-Mobile security incident baffled users as it caused a glitch. Several users complained on various social media channels about receiving messages from T-Mobile addressing them under another name.

TMobile cyber attack
Received message posted on Twitter

Numerous users shared screenshots of billing statements they received following the T-Mobile glitch. The authenticity of these bills, whether they originated from the company or were orchestrated by hackers, remains unverified.

The Cyber Express emailed the company asking for a statement about the allegations arising from the T-Mobile data breach.

In response, a T-Mobile spokesperson said, “There was no cyberattack or breach at T-Mobile. This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved.”

The details on the circulated messages could also be further exploited by cybercriminals given that names and other personal data including the last four digits of credit cards appeared on them.

Hence, users must watch for their information being sent to other T-Mobile customers.

T-Mobile has not released a statement addressing the glitch and other T-Mobile Security breach claims circulating the media.

The systems were not detected to be impacted by the IT team post-cyber attack on T-Mobile.  “T-Mobile says the incident had limited impact, only affecting less than 100 individuals,” reported Bleeping Computer.

Leaked Information Allegedly from T-Mobile Cyber Attack

T-Mobile cyber attack
Employee data leaked by T-Mobile hackers (Photo: VX-Underground)

Researchers from the VX-Underground team highlighted that the present T-Mobile data breach was conducted in April 2023. However, hackers leaked data from the T-Mobile hacking on September 21, 2023.

It is not clear why the hackers of T-Mobile did not speak out or leak the data in April itself. Now, the hackers have released exfiltrated data on BreachForum, Telegram, and the Discord channel operated by the cybercriminals.

T-Mobile cyber attack
Data released by T-Mobile hackers (Photo: VX-Underground)

Addressing the vast data type and size, VX-Underground tweeted, “The information from the leak is very large and we would not be able to sufficiently detail everything leaked in text because it is multiple databases.’

About 90Gb of data is speculated to be leaked from T-Mobile security breach which includes employee PII. This is also the second time T-Mobile employees have been targeted leaving speculations about the motives such as a grudge being the motive behind the T-Mobile cyber attacks.

Seven Previous Security Incidents Suffered by T-Mobile

T-Mobile has been proven to be a soft target for hackers as it has been hacked, data has been breached or data samples leaked incessantly in the past five years. The present glitch suffered by T-Mobile is the eighth one leading to speculations over its security infrastructure. It is surprisingly also the third one this year.

T-Mobile cyber attack in August 2018 led to the compromise of its customers. The cyber attack on T-Mobile in 2019 impacted prepaid customer data.

It was the cyber attack on the telecommunications giant in 2020 that led to the exposure of employees. Again, in December 2020 T-Mobile Security breach exposed the call records of the users.

In 2021, hackers took to the T-Mobile app and compromised its security. In August 2021, it was hacked using brute force or guessing the password to reach its network. Lapsus$ ransomware group hacked T-Mobile in April 2022 using stolen credentials.

In 2022, three cybercriminals gained access to T-Mobile’s internal systems. In January, this year, T-Mobile found malicious activities which resulted in the compromise of 37 million prepaid and postpaid customers.

There is little doubt that, with these cyber attacks, the data that might have been released publicly could be preserved and used for social engineering and tricking users with phishing attacks.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link