A recent cyber attack on U.S. telecom networks has affected T-Mobile and its prepaid subsidiary, Mint mobile. A WSJ report indicates that both the companies fell victim to a destructive wave of cyber-espionage operation carried out by Chinese hackers, who were successful in breaking into several U.S. and foreign telecom corporations. As a result of this attack, T-Mobile users experienced difficulties, including an inability to make calls, send text messages and access the internet. A T-Mobile spokesperson told Reuters in an email that “T-Mobile is closely monitoring this industry-wide attack.” He also stated “At this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information”.
What we know about T-Mobile?
T-Mobile is the US’s 2nd largest wireless network operator with 127.5 million subscribers. Headquartered in Bellevue, Washington, was founded in 1994 by John W. Stanton. T-Mobile has many subsidiaries including Mint Mobile, which is also a victim of a recent Chinese cyber attack on the US network operators. Deutsche Telekom, a German telecommunication company holds a 51.4% stake in the company.
Major affected area by recent cyber-security breach
DownDetector reports that the blackout has impacted major U.S. cities and prompted complaints on social media from frustrated users, including Mint Mobile customers, T-Mobile’s prepaid subsidiary.
As a report by BleepingComputer, this attack is 9th breach on T-Mobile since 2019, other instances being:
- In 2019, T-Mobile made the account details of an undisclosed number of prepaid subscribers public.
- The personal and financial information of T-Mobile employees was compromised in a data breach that occurred in March 2020.
- Threat actors gained access to consumer proprietary network data (phone numbers, call logs) in December 2020.
- In February 2021, unidentified attackers gained unauthorized access to an internal T-Mobile application.
- In August 2021, when a T-Mobile testing environment was breached, hackers used brute-force attacks to break into the carrier’s network.
- The Lapsus$ extortion gang used credentials they had stolen to infiltrate T-Mobile’s network in April 2022.
- T-Mobile acknowledged in January 2023 that hackers had exploited a weak Application Programming Interface (API) in November 2022 to exploit 37 million customers’ personal data.
- T-Mobile revealed a hack in May 2023 that exposed private data but only affected 836 subscribers.
Conclusion: Probable Motive of the Attack
What precisely were the hackers aiming for? Some clarification comes from a combined FBI (Federal Bureau of Investigation) and CISA (Cybersecurity and Infrastructure Security Agency) statement. According to the statement, the Chinese government is involved in a widespread cyber-espionage effort that targets telecom companies in the United States. The theft of call logs and conversations from a select group of people, mostly those engaged in political or governmental activities, seems to be the aim.
Call to Action
I do not use T-Mobile or Mint Mobile, as both network operators do not provide services in India. If you are reading this blog from the USA, then feel free to share your experience with T-Mobile & Mint Mobile by commenting on box below. This blog is based on my research on various US news portals. Thank you for visiting TechGiraffe. Bye-bye till the next blog.