T-Mobile CEO says "truly sorry" for hack of 50M users' data

T-Mobile says it has notified astir each of the millions of customers whose idiosyncratic information was stolen and that it is "truly sorry" for the breach.

CEO Mike Sievert said successful a written connection Friday that the institution spends tons of effort to effort to enactment up of transgression hackers "but we didn't unrecorded up to the expectations we person for ourselves to support our customers. Knowing that we failed to forestall this vulnerability is 1 of the hardest parts of this event."

The institution disclosed earlier successful August that the names, Social Security numbers and accusation from driver's licenses oregon different recognition of conscionable implicit 40 cardinal radical who applied for T-Mobile recognition were exposed successful a caller information breach. The aforesaid information for astir 7.8 cardinal existent T-Mobile customers who wage monthly for phone service besides appeared to beryllium compromised.

Sievert's connection follows a Thursday report successful the Wall Street Journal successful which John Binns, a 21-year-old American hacker surviving successful Turkey, told the paper helium was liable for the hack and blamed T-Mobile's lax information for making it possible.

Binns told the Journal helium discovered an unprotected router exposed connected the net successful July, and utilized that introduction constituent to summation entree to servers successful a T-Mobile information halfway adjacent East Wenatchee, Washington, a fewer hours eastbound of the company's office successful the Seattle suburb of Bellevue.

Sievert made nary nonstop notation to Binns connected Friday but said that, "in short, this individual's intent was to interruption successful and bargain data, and they succeeded."

Sievert said the breach has been contained, the probe is "substantially complete" and that lawsuit fiscal accusation wasn't exposed. He said T-Mobile hired cybersecurity experts from Mandiant to assistance with the probe and is coordinating with law enforcement.

"What we tin stock is that, successful simplest terms, the atrocious histrion leveraged their cognition of method systems, on with specialized tools and capabilities, to summation entree to our investigating environments and past utilized brute unit attacks and different methods to marque their mode into different IT servers that included lawsuit data," Sievert wrote.

Sievert said the institution has notified "just astir every" existent customer who was affected, and is present doing the aforesaid for erstwhile customers and prospective customers who mightiness person supplied immoderate idiosyncratic accusation successful applying for an account. Unaffected customers volition spot a banner connected their T-Mobile online relationship leafage letting them cognize their information was not exposed.

T-Mobile became 1 of the country's largest cellphone work carriers, on with AT&T and Verizon, aft buying rival Sprint past year. It reported having a full of 102.1 cardinal U.S. customers aft the merger.

T-Mobile has antecedently disclosed a fig of information breaches implicit the years, though the astir caller was the largest. Sievert said the institution is taking steps to amended its security.

The Federal Communications Commission, which regulates wireless carriers, has said it is investigating the breach.

---

---

© 2021 The Associated Press. All rights reserved. This worldly whitethorn not beryllium published, broadcast, rewritten oregon redistributed without permission.