T-Mobile confirms it was hacked during the US telecom attacks by Chinese hackers
Learn More
T-mobile confirms that Chinese state-sponsored hackers, operating under the name Salt Typhoon (also known as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286), have successfully infiltrated T-Mobile's systems as part of a broader campaign targeting major U.S. telecommunications companies.
This attack, which also impacted AT&T, Verizon, and Lumen Technologies, was specifically designed to intercept and monitor cellphone communications of high-value intelligence targets, including senior U.S. national security and policy officials.
According to a joint statement from the FBI and CISA, the hackers successfully accessed and stole various types of sensitive information, including call logs, text messages, audio communications, and notably, information about law enforcement requests submitted to telecommunication companies.
The breach appears to have been executed through vulnerabilities in network infrastructure, though Cisco has denied any compromise of their router equipment which was initially suspected as the entry point.
T-Mobile's official response downplayed the impact, stating that their "systems and data have not been impacted in any significant way" and claiming no evidence of customer information being compromised.
This incident marks T-Mobile's ninth security breach since 2019, following a series of significant security incidents including the January 2023 breach that exposed 37 million customers' data through an API vulnerability, and the April 2022 breach by the Lapsus$ extortion gang.
The investigation remains active, with U.S. authorities indicating that their understanding of these compromises is likely to expand as they uncover more details.
Update - as of 19th of November 2024, T-Mobile claims they have detected and stopped the network intrusion at the reconnaissance stage, preventing access to customer data, with the attack showing similarities to recent Salt Typhoon telecommunications sector targeting.
