Data Theft a Result of 'Brute Force' Attack by Hacker, T-Mobile CEO Says
A hacker used “brute force” to hack into T-Mobile’s system and steal customer data (see 2108180062), CEO Mike Sievert blogged Friday. T-Mobile is working with law enforcement and is constrained in what it can say, he noted. “What we can share is that, in simplest terms, the bad actor leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data,” Sievert said: “In short, this individual’s intent was to break in and steal data, and they succeeded.” T-Mobile is acting to make its systems more secure, he said. The carrier is getting help from cybersecurity experts at Mandiant and consulting firm KPMG, he said. Mandiant has been part of the forensic investigation “and we are now expanding our relationship to draw on the expertise they’ve gained from the front lines of large-scale data breaches and use their scalable security solutions to become more resilient to future cyber threats,” he said: KPMG is reviewing “all T-Mobile security policies and performance measurement.”