In Word: The hacker allegedly responsible for the recent T-Mobile data breach told The Wall Street Journal that he used a simple tool available to the public to scan T-Mobile’s known internet addresses, leading to an unprotected router. that served as the entry point to a data center containing more than 100 servers.
The hacker contacted the Magazine using Telegram, an encrypted communications application. The 21-year-old told the Journal that he moved from the US to Turkey a few years ago and has used various aliases online since 2017.
The exposed router was discovered in July, and began obtaining data from T-Mobile’s servers around August 4. The Journal said the user, identified as John Binns, communicated from a Telegram account that he had discussed the details of the breach before they became widely known. . Binns also shared screenshots of the T-Mobile network, but declined to be photographed for the story.
“Generating noise was one of the goals,” Binns said, but declined to say whether or not anyone paid him to do the job or if he had sold any of the stolen data.
However, the story took an unusual turn, as the Journal notes:
He contacted an American relative last year, claiming by phone that he was a computer expert who had been kidnapped and taken to a hospital against his will, this person said. “He enthusiastically said how he could do anything with a computer,” said this person.
In Telegram messages with the Journal, Binns repeated similar claims. He said he wanted to draw attention to his perception of persecution by the authorities of the United States government. He described an alleged incident in which he claims he was kidnapped in Germany and taken to a fake psychiatric hospital.
“I have no reason to make up a fake kidnapping story and I hope someone within the FBI leaks information on that,” he wrote, explaining his reason for publicly discussing the hack.
T-Mobile confirmed the breach in mid-August and offered affected customers two years of free identity theft protection through McAfee’s Identity Theft Protection Service. The company said it has already fixed the security hole that allowed the attack.
The Seattle branch of the FBI said it is aware of the incident but has nothing more to share at this time. The FCC is already investigating the matter.
Image Credit Anete