T-Mobile Systems Hacked? - Hackers claim financial data, databases compromised...
08:57AM Monday Jun 08 2009 by Karl Bode
tags: business · security · trouble · privacy · consumers · TMobile
Over the weekend a Channel Insider security blogger noticed a post on insecure.org by hackers claiming to have compromised T-Mobile's network security. The post claims (with supporting posted code) that the hackers obtained T-Mobile databases, "confidental" (sic) documents, scripts and financial data -- which they say they're selling to the highest bidder. In a statement, T-Mobile says it is "fully investigating the matter," and will contact T-Mobile users should the claims prove valid. Security analysts have spent the last 48 hours or so trying to determine whether the claim is a hoax.


baineschile @ 8th Jun 09:12AM:
Ya think

This type of information would be on a closed system at corporate HQ.

I wonder if it's financial data on the company, or their users.
reply
Chaldo @ 8th Jun 09:17AM:
Re: Ya think

Yeah, but it's all in the inner network; if they get access to VPN somehow they can access that information.
reply
pottypants @ 8th Jun 09:25AM:
chopper plans

and the helicopter plans were on a closed network also... ;)
reply
PToN @ 8th Jun 09:28AM:
OS or app?

If the list on the post made at insecure.org is true, I would wonder if it would be a new vulnerability in *nix..? There is a lot of HP-UX listed there as well as AIX and Sun...
reply
bigfitch @ 8th Jun 09:51AM:
Re: OS or app?

If this is true, it just adds more proof that everything is accessible if you have the know-how and the time.

Wonder if said hacker left himself a backdoor to get more info for his next auction. Lol
reply
PToN @ 8th Jun 10:30AM:
Re: OS or app?

Well, once he said he got it, he closed any possible backdoor he/she might have left.

He wanted this for $$$ and not for any other purpose. Any respectable hacker/cracker knows that one of the rules is to never close any doors to a system you might need later, else he would have said nothing and he might have been able to use the servers for much bigger things. However, this is just an extortion case..
reply
anon @ 8th Jun 11:57AM:
I hope he requests

Hopefully he requests for them to get better data coverage and try to get on par with AT&T for voice coverage :D

Then it wouldn't be an extortion... but rather a Robin Hood-like effort ;)
reply
KodiacZiller @ 8th Jun 12:19PM:
Re: OS or app?

said by PToN :

If the list on the post made at insecure.org is true, I would wonder if it would be a new vulnerability in *nix..? There is a lot of HP-UX listed there as well as AIX and Sun...
Could just be that the T-Mobile admins were lazy about security updates. This is how their systems were breached back in 2005. They failed to patch a security exploit that had been widely known about for a while.
reply
ruralrouter @ 8th Jun 12:41PM:
And try to get service w/o them keeping your SSN on file

I'm sure it's required for other reasons besides a credit report these days...but what's wrong with DELETING IT after you have run the credit report?

And if it is the case that stricter post 9/11 laws require such info to be kept (and thereby more available for theft)...then where is the companion legislation that cracks down on all banking and commercial entities that let you get credit and do things without full and proper verification of identity that goes beyond the current status quo?

The more this goes on the more I'm for Federal IDs that include biometrics. If I am going to lose my privacy anyway I may as well feel more confident that nobody is going to steal my identity as well.
reply
Mannus @ 8th Jun 01:45PM:
Bwahahahahahaha!

You can't stop me and my TRS-80 from ruling the WORLD!!!!! :D
reply
cyclone_z @ 8th Jun 01:59PM:
Re: OS or app?

said by KodiacZiller :

said by PToN :

If the list on the post made at insecure.org is true, I would wonder if it would be a new vulnerability in *nix..? There is a lot of HP-UX listed there as well as AIX and Sun...
Could just be that the T-Mobile admins were lazy about security updates. This is how their systems were breached back in 2005. They failed to patch a security exploit that had been widely known about for a while.
Having worked for one of the companies that sells one of those operating systems, I will tell you that oftentimes big companies are lax on internal security. They have a good firewall, but systems on the other side are unpatched. They make the mistake of trusting the network, but all it takes is one security breach, and then someone is in a wonderland of vulnerable systems. The company I worked for was running a number of unpatched Windows servers, and that got them in trouble when a Windows virus got through via email. It then started spreading on the internal network. There were also engineers using Unix workstations running outdated releases of our Unix-based OS for which we were no longer making security patches. They were also using things like rsh, telnet, etc., which don't encrypt anything. Were someone from the outside to get a compromised machine and set Ethernet in promiscuous mode -- oh man, a cornucopia of passwords!

T-Mobile may be doing something similar. The lesson is don't trust the network, even if you have a firewall.
reply
PapaMidnight @ 8th Jun 02:30PM:
Re: OS or app?

said by cyclone_z :

said by KodiacZiller :

said by PToN :

If the list on the post made at insecure.org is true, I would wonder if it would be a new vulnerability in *nix..? There is a lot of HP-UX listed there as well as AIX and Sun...
Could just be that the T-Mobile admins were lazy about security updates. This is how their systems were breached back in 2005. They failed to patch a security exploit that had been widely known about for a while.
Having worked for one of the companies that sells one of those operating systems, I will tell you that oftentimes big companies are lax on internal security. They have a good firewall, but systems on the other side are unpatched. They make the mistake of trusting the network, but all it takes is one security breach, and then someone is in a wonderland of vulnerable systems. The company I worked for was running a number of unpatched Windows servers, and that got them in trouble when a Windows virus got through via email. It then started spreading on the internal network. There were also engineers using Unix workstations running outdated releases of our Unix-based OS for which we were no longer making security patches. They were also using things like rsh, telnet, etc., which don't encrypt anything. Were someone from the outside to get a compromised machine and set Ethernet in promiscuous mode -- oh man, a cornucopia of passwords!

T-Mobile may be doing something similar. The lesson is don't trust the network, even if you have a firewall.
Not quite sure the lesson is so much of "Don't trust the network".

More along the lines of as we always say in the security world: "The weakest element in any security system is the human element."
reply
hottboiinnc @ 8th Jun 10:41PM:
Re: And try to get service w/o them keeping your SSN on file

I had TM service without giving them my SSN.
reply
KevNYC @ 8th Jun 10:43PM:
Re: OS or app?

SkyNet anyone?
reply
dvd536 @ 9th Jun 02:12AM:
Re: And try to get service w/o them keeping your SSN on file

said by hottboiinnc :

I had TM service without giving them my SSN.
So do I. They don't even have my real name or address. Prepaid for the win!
--
When I gez aju zavateh na nalechoo more new yonooz tonigh molinigh - Ken Lee

reply
mastermind278 @ 9th Jun 08:13AM:
T-Mobile has confirmed....

“To reaffirm, the protection of our customers’ information and the security of our systems is paramount at T-Mobile. Regarding the recent claim on a Web site, we’ve identified the document from which information was copied, and believe possession of this alone is not enough to cause harm to our customers. We continue to investigate the matter, and have taken additional precautionary measures to further ensure our customers’ information and our systems are protected. At this moment, we are unable to disclose additional information in order to protect the integrity of the investigation, but customers can be assured if there is any evidence that customer information has been compromised, we would inform those affected as quickly as possible.”

-Sources
»www.cio.com/article/494553/T_Mob···_Genuine
»www.cellphonesignal.com/t-mobile···stomers/
--
Mastermind 4 Life ® ™ ©

reply
anon @ 9th Jun 01:49PM:
I think they are from outside USA...

I think they are from outside USA based on the language they use:

"We already contacted with their competitors and they didn't show interest in buying their data -probably because the mails got to the wrong people- so now we are offering them for the highest bidder. "

Where it says "with" their competitors, it should be "we already contacted their competitors" without the "with"

Another example, "their competitors" , "their data"
Maybe it should have been "the data" or "Alltel data"

Where it says "for" the highest bidder it should be "to" the highest bidder.

The entire thing, the way it is written, seems a bit odd. So I think they are from outside USA.
reply
anon @ 9th Jun 01:52PM:
One more thing...

Just noticed "probably because"; that is definitely not an everyday word used in USA.

I am almost convinced they are from outside USA....
reply
anon @ 9th Jun 03:52PM:
Re: OS or app?

It is not "Don't trust the network", but "don't trust the users"!
reply
