US telecom giant T-Mobile has disclosed that it recently detected and blocked attempts by threat actors to infiltrate its systems. The company said that no sensitive information was accessed during the incidents.
Jeff Simon, Chief Security Officer at T-Mobile, revealed that the intrusion attempts originated from a wireline provider's network connected to T-Mobile's infrastructure.
T-Mobile's security measures prevented the attackers from compromising customer data or disrupting services. As a precaution, the company has terminated connectivity with the unnamed wireline provider's network.
While T-Mobile refrained from attributing the attack to a specific threat actor, it said it has shared its findings with the US government. According to Simon, the attackers used discovery-related commands to probe network routers and map the infrastructure. However, the intrusions were blocked before the intruders could move further.
The disclosure follows reports of a China-linked cyber-espionage group, Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286), targeting major US telecom providers like AT&T, Verizon, and Lumen Technologies. The attacks are believed to be part of a broader intelligence-gathering campaign.