T-Mobile earlier this month confirmed that it was hit by a data breach that included the personal information of close to 50 million current, past, and potential customers. Now, the hacker who claims to be responsible for the attack says T-Mobile’s “security is awful.”
John Binns, a 21-year-old American who moved to Turkey a few years ago, told The Wall Street Journal he was behind the security breach. Binns says he discovered an unprotected router in July after scanning T-Mobile’s known internet addresses for weak spots.
Binns then used the router to access T-Mobile’s data center located in Washington, where he says stored credentials provided him access to over 100 servers. He initially panicked because he recognized that he “had access to something big,” later saying that T-Mobile’s “security is awful.”
He took around a week to sort through the servers until he found the personal data on millions of T-Mobile customers. Binns downloaded the data on August 4. On August 13, the carrier was informed that someone was selling the data, and it confirmed the breach a few days later.
The Wall Street Journal took steps to confirm that the hacker selling the data was Binns, using his IRDev online alias.
Binns told the publication that he hacked T-Mobile to “generate noise” and get attention as he had allegedly been the victim of an illegal kidnapping that saw him taken to a fake mental hospital in Germany.
Binns would not confirm that he had sold any of the data that he stole, and at this point, it isn’t clear if he had accomplices. The Seattle office of the FBI is investigating the hack.
The carrier says it will offer 2 years of free identity protection services from McAfee’s ID Theft Protection Service. Customers are encouraged to change their account’s PIN. The carrier will also implement an additional step to protect mobile accounts with Account Takeover Protection, and publish a new web page for information and solutions for customers to further protect themselves.