T-Mobile USA Investigates Possible Data Breach

AMI Advance Manufacturing International, Inc. company logo

Some of the data, around 30 million Social Security and driver’s license numbers, has been put up for sale on a well-known forum for trading stolen data. The price is six bitcoins, or around $286,000. The person who is claiming to have breached T-Mobile says he is part of an international group that had access to the company’s systems for two to three weeks until Saturday. The individual claims that T-Mobile left a Gateway GPRS Support Node, or GGSN, that was apparently used for testing, exposed to the internet. GGSNs are part of the core infrastructure that connect mobile devices to the internet. “From there, we pivoted through several different IP addresses and eventually got access to their production servers,” the person says in an instant message. Eventually, the individual accessed more than 100 servers by brute forcing and using credential stuffing on internal T-Mobile servers, most of which were Oracle databases. None had rate limiting enabled.

Related Posts

About Us
AMI, Inc. it’s a nonprofit organization with a clear mission – to accelerate the digital transformation of small & medium manufacturers.

Let’s Socialize

Popular Post