T-Mobile hacker slams company security as 'awful'

Renovated Headquarters
(Image credit: T-Mobile)

The hacker reportedly behind the recent T-Mobile data breach has revealed his identity in a new interview in which he said the US telecom has 'awful' security.

As first reported by The Wall Street Journal, 21-year-old American hacker John Binns who now lives in Turkey told the news outlet that he was responsible for hacking T-Mobile and provided evidence showing how he could access user accounts on the company's systems.

Binns said that he was able to obtain customer data from the mobile carrier by scanning the web for unsecured routers. After finding one, he was able to access a data center in Washington state which contained the credentials for over 100 servers.

After realizing how much data he had access to, Binns panicked and it was at this point that he came to believe that T-Mobile's security was awful. However, it is still unclear as to whether he acted alone or had help but in his interview with the Wall Street Journal, Binns did allude to how he worked with other for at least part of the hack.

The real deal or just taking credit?

Regardless of whether or not Binns' claims are true, the T-Mobile data breach will likely have wide-reaching after effects for many its customers whose personally identifiable information (PII), IMEI numbers, IMSI numbers and other data was exposed.

Thankfully though, in a recent statement, T-Mobile did say that it is confident it was able to close “the access and egress points the bad actor used in the attack”. Still, suffering a data breach will likely have negative effects on the company's business and could lead to further investigation from regulators.

In addition to claiming responsibility for the T-Mobile hack, Binns also provided further details on his experience as a hacker to the Wall Street Journal. He said that he got his start developing cheats for popular video games before discovering a flaw that was later used in a botnet which targeted IoT devices.

Binns also said in the interview that he exposed T-Mobile's data as way of generating “noise” to bring attention to his claims that the FBI allegedly kidnapped him in Germany and placed him in a fake mental hospital.

At this point, Binns could either really be behind the T-Mobile data breach or could just be taking credit for it to draw attention to his cause. We likely won't know more until the mobile carrier and US government agencies complete their full investigation into the matter.

Via The Verge

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.