A hacker has come forward to claim that he executed the T-Mobile data breach that exposed nearly 50 million users’ personal data, criticizing the cyber-security infrastructure at the US telecommunication giant.
According to a report by The Wall Street Journal, the hacker who goes by the name of John Binns said he was behind the attack and provided evidence that he could access accounts associated with it.
“John Binns, a 21-year-old American who moved to Turkey a few years ago, told The Wall Street Journal he was behind the security breach. Mr. Binns, who since 2017 has used several online aliases, communicated with the Journal in Telegram messages from an account that discussed details of the hack before they were widely known,” the report mentioned on Thursday.
He called the carrier’s security “awful”, saying that realizing how much data he had access to make him panic.
T-Mobile has admitted that nearly 47.8 million customers were affected in the latest data breach.
T-Mobile, which has more than 100 million customers, said its preliminary analysis found that approximately 7.8 million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile.
According to Binns, he was able to get customer (and former customer) data from T-Mobile by scanning for unprotected routers.
The Seattle office of the Federal Bureau of Investigation is investigating the T-Mobile hack.
“The FBI is aware of the incident and does not have any additional information at this time,” the Seattle office said in a statement.
Reports surfaced last week that hackers were selling the T-Mobile data for six Bitcoins ($270,000) on the Dark Web.
The sellers told Motherboard that they have obtained data related to over 100 million people which came from T-Mobile servers and includes Social Security numbers, names, addresses, and driver license information
T-Mobile said that it was taking immediate steps to help protect all of the individuals who may be at risk from this cyberattack.
T-Mobile has been the target of several data breaches in the last few years.