T-Mobile was hacked on Sunday, and the hackers claim they have gotten samples of the data, which they have validated contain authentic T-Mobile account information. SSNs, driver’s licenses, IMEIs, addresses, and other personal information are included in the data.
The hacker who claims to be behind the T-Mobile attack revealed how he gained access to the system by exploiting vulnerabilities in the company’s servers, and he even released screenshots.
According to the hacker “T-Mobile company misconfigured a gateway GPRS support node that was apparently used for testing. It was exposed to the internet.
That allowed him to eventually pivot to the LAN.
Proof screenshot supplied.”
Eventually, the hacker says they were able to brute force/credential stuff SSH on more than 100+ servers, some Oracle.
No rate limiting on those servers because they’re internal, person says.
T-Mobile responded by stating that it is looking into a report of a customer data leak affecting 100 million users.