Hackers may have taken customer data right off of T-Mobile website

Hackers have been spreading around a method to access any T-Mobile customer’s personal information, including account members’ upgrade and billing information, email, IMSI and other associated phone numbers.

All it takes is rendering script with an authorized token to T-Mobile’s site and plugging in a phone number at the end of it. Exploits of this type have also affect AT&T iPad accounts and MetroPCS.

While it was first publicly reported to Motherboard by security firm Secure7, an anonymous blackhat hacker later told the said publication that the bug had been exploited since at least early August. It’s not clear if any widespread compromise has been committed or if it would have been monetarily valuable to malicious actors, but even on an individual level, it can be pretty tough.

“A bunch of sim swapping skids had the [vulnerability] and used it for quite a while,” said the hacker, to illegally steal phone numbers from people.

User location data would also be compromised through by obtaining access to the SS7 infrastructure.

T-Mobile patched the exploit last week and gave Secure7 founder Karan Saini a bounty reward of $1,000. It later stated that it “found no evidence of customer accounts affected as a result of this vulnerability.”

In 2015, Experian admitted that a breach had compromised millions of T-Mobile customers data.

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Jules Wang
Jules Wang is News Editor for Pocketnow and one of the hosts of the Pocketnow Weekly Podcast. He came onto the team in 2014 as an intern editing and producing videos and the podcast while he was studying journalism at Emerson College. He graduated the year after and entered into his current position at Pocketnow, full-time.