A person named John Binns came forward claiming that he was the one behind the T-Mobile data breach that exposed 50 million people’s information. Mr. Binns has come forward to reveal his identity and also, to criticize T-Mobile’s security.
According to Binns, he was able to get customer (and former customer) data from T-Mobile by scanning for unprotected routers. He found one, he told the Journal, which allowed him to access a Washington state data center that stored credentials for over 100 servers. He called the carrier’s security “awful”
The information the hacker gained access to includes sensitive personal data, like names, birthdates, and Social Security numbers as well as important cellular data like identification numbers for cellphones and SIM cards. T-Mobile has said in a statement that it’s “confident” that it’s “closed off the access and egress points the bad actor used in the attack.”
According to the WSJ, it’s unclear whether Mr. Binns was working alone, though he implied that he collaborated with others for at least part of the hack. The report goes in-depth into Binns’ history as a hacker. He claims that he got his start making cheats for popular video games and that he discovered the flaw that ended up being used in a botnet that attacked IoT devices (though he denies actually working on the code).
MR. BINNS DESCRIBES A TROUBLED RELATIONSHIP WITH US INTELLIGENCE SERVICES
Source: The Verge
According to Binns, his relationship with US intelligence services is troubled, to say the least. A lawsuit that appears to have been filed by Binns in 2020 demands that the CIA, FBI, DOJ, and other agencies tell him what information they have on him.
The lawsuit also accuses the government of, among other things, having an informant try to convince Binns to buy Stinger missiles on an FBI-owned website, attacking Binns with psychic and energy weapons, and even with being involved in his alleged kidnapping and torture.
An FBI response to his lawsuit denied he was being investigated by the bureau for the botnet, or having information related to the alleged surveillance, and abduction, and torture.
Binns told the WSJ that one of his goals behind the attack was to “generate noise,” saying that he hopes someone in the FBI will leak information related to his alleged kidnapping.
About two weeks ago, a similar incident happened when Polynetwork was hacked by a group of hackers that literally stole a hefty amount of $600 million. But they decided to return back the amount. Polynetwork said that the person had exploited a vulnerability in its system.
More About Security
- How to Share a Password Securely? [3 Safest Ways]
- Amazon Will Pay You $10 Credit For Your Palm Print Biometrics
- Netflix Escalates ‘VPN Ban’ and Targets Residential IP Addresses
- Personal Cybersecurity: [6 Stellar Tips to Protect Your Online Presence]
- Tim Cook, Satya Nadella, and other CEOs reportedly to meet with President Biden