Aug 26, 2021 - Technology

T-Mobile hacker explains how he breached carrier's security

T-Mobile store sign

Photo by Chip Somodevilla/Getty Images

John Binns, a 21-year-old American who now lives in Turkey, told the Wall Street Journal that he was behind the T-Mobile security breach that affected more than 50 million people earlier this month.

The intrigue: Binns said he broke through the T-Mobile defenses after discovering an unprotected router exposed on the internet, after scanning the carrier's internet addresses for weak spots using a publicly available tool.

  • “I was panicking because I had access to something big,” he wrote in Telegram messages to the Journal. “Their security is awful.”
  • “Generating noise was one goal,” Binns said. He declined to say whether he sold any of the information he stole, or whether he was paid for the hack.

The big picture: It was the third major data leak the network has disclosed in the last two years, per WSJ. T-Mobile is the second-largest U.S. mobile carrier, housing the data of around 90 million cellphones.

Background: Some of the information exposed in the breach included names, dates of birth, social security numbers and personal ID information. The breach is being investigated Seattle's FBI office, according to the Journal.

Go deeper