It’s been over a week since T-Mobile confirmed a hack of its servers affecting tens of millions of customers. The carrier closed the access point quickly, but the hacker had already started selling stolen data by then. This week, as T-Mobile deals with the fallout of the breach, a hacker claiming responsibility for the attack sat down with The Wall Street Journal for an interview. In the interview, the hacker, John Binns, rakes T-Mobile over the coals for its poor security.
The T-Mobile hacker speaks out
Binns told the WSJ that he first discovered an unprotected router of T-Mobile’s in July. He said he had been scanning T-Mobile’s known internet addresses for vulnerabilities using a tool that anyone could download. He wouldn’t say whether or not he had actually sold any of the data he stole, although the initial Motherboard report made it clear that the data was up for sale.
After infiltrating T-Mobile’s data center in Washington, Binns had access to over 100 servers. It then took him about a week to dig through the servers containing personal information from current and former subscribers. On August 4th, he lifted the data that he would later try to sell.
“Their security is awful,” Binns told the WSJ over Telegram in the interview.
The story only gets stranger
Beyond profiting off of stolen data, Binns also wants to bring attention to his alleged persecution by the US government. Binns says he grew up in the US, but moved to Turkey three years ago. A relative in the US tells the Journal that Binns called last year claiming to be a computer expert who had been kidnapped and taken to a hospital against his will.
“He gushed about how he could do anything with a computer,” his relative explained.
Binns apparently repeated these claims in Telegram messages with the Journal. He says that he was abducted in Germany and put into a fake mental hospital.
“I have no reason to make up a fake kidnapping story and I’m hoping that someone within the FBI leaks information about that,” he explained to the Journal, revealing that this was the reason that he wanted to come forward and speak publicly about the hack.
Following the hack, T-Mobile announced that it would be taking steps to protect people affected by the data breach. Most notably, the carrier is giving away two years of free identity protection with McAfee’s ID Theft Protection Service. T-Mobile also recommends that all postpaid customers change their PINs, either through their T-Mobile accounts or by dialing 611 on their phones.