Hacker who stole data from millions of customers says T-Mobile’s security is ‘awful’

Recently, T-Mobile underwent a massive security breach that resulted in the data of millions of customers being accessed and, in some cases, sold off by the hacker who stole the data. Now, the person behind that breach has come forward. And, according to them, the wireless carrier’s security is . . . not great.

In fact, the 21-year-old who is allegedly behind the attack goes as far as to say T-Mobile’s security is “awful.” According to a report fromĀ The Wall Street Journal, the hacker has been identified as John Binns, an American currently living in Turkey. Binns says he scanned T-Mobile’s known internet addresses and discovered an unprotected router. Upon accessing it, Binns says he was surprised when he realized he had access to “something big.”

Binns used that unprotected router to access T-Mobile’s data center, which is located in the state of Washington in the United States. Stored credentials then provided the hacker access to over 100 servers. Perusing those servers over the course of a week eventually led Binns to the confidential data of millions of T-Mobile customers. He downloaded that data on August 4, and around August 13 T-Mobile was informed that someone was selling that data.

At this point, the magenta un-carrier has confirmed that the data of more than 50 million customers was breached by Binns. That stolen data consists of quite a bit, including birthdates, ID cards, social security numbers, names, and even stored license information.

You should absolutely go read the full report to see why Binns went through with the hack, which he said, in part, was to “create noise.”

Hopefully this means T-Mobile will step up its security from this point on.