Topics: Security

Hackers Claim To Have Pwned US T-Mobile. As In: Everything.

Posted by George Hulme, Jun 8, 2009 10:50 AM

It's not the kind of forum post an executive would like to see created about their company. It's not a leaked rumor about an upcoming product or service, or even a ranting upset customer. Nope. It's a group claiming to have controlled portions of your IT network for a long time.

And they published what looks to be proof of the breach. T-Mobile is investigating.

This post hit the Full Disclosure security mailing list over the weekend:

Hello world,
The U.S. T-Mobile network predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band, making it the largest 1900 MHz network in the United States. Service is available in 98 of the 100 largest markets and 268 million potential customers.

Like Checkpoint Tmobile has been owned for some time. We have everything, their databases, confidental documents, scripts and programs from their servers, financial documents up to 2009.

We already contacted with their competitors and they didn't show interest in buying their data -probably because the mails got to the wrong people- so now we are offering them for the highest bidder.

Please only serious offers, don't waste our time.

If true, I wonder how much customer data has been compromised? I've a feeling that we'll find out soon enough, should the culprits not get what they're asking.

If they did get financial records, that could very well be a regulatory problem for T-Mobile, specifically with Sarbanes-Oxley compliance. But that may not be the biggest concern T-Mobile has at the moment.

To back up their claims, they published a list of servers that are purported to have been breached, including applicationIDs and IP addresses. The list includes a number of billing and collection systems.

Right now, it doesn't look good. But there's a chance the entire post is a hoax.

T-Mobile has issued a statement saying that it is investigating, and that the company would notify customers if there were any evidence that customer information was compromised.

This incident begs the question: is your company ready for such an incident? Well, as ready as one could be? How would your legal, HR, and incident response teams get engaged should this happen? What's the plan? How would you handle the preliminary customer calls and questions? Who in law enforcement would you contact?

The time to answer those questions is before something like this happens. Not cobbling together the response as it is happening.

« Some Linux Critiques By Way Of A Solaris Dissenter | Main | Computers Key To Air France Crash »

This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.