28 November 2024

T-Mobile detects intrusion attempts, no sensitive data compromised


T-Mobile detects intrusion attempts, no sensitive data compromised

US telecom giant T-Mobile has disclosed that it recently detected and blocked attempts by threat actors to infiltrate its systems. The company said that no sensitive information was accessed during the incidents.

Jeff Simon, Chief Security Officer at T-Mobile, revealed that the intrusion attempts originated from a wireline provider's network connected to T-Mobile's infrastructure.

T-Mobile's security measures prevented the attackers from compromising customer data or disrupting services. As a precaution, the company has terminated connectivity with the unnamed wireline provider's network.

While T-Mobile refrained from attributing the attack to a specific threat actor, it said it has shared its findings with the US government. According to Simon, the attackers used discovery-related commands to probe network routers and map the infrastructure. However, the intrusions were blocked before the intruders could move further.

The disclosure follows reports of a China-linked cyber-espionage group, Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286), targeting major US telecom providers like AT&T, Verizon, and Lumen Technologies. The attacks are believed to be part of a broader intelligence-gathering campaign.


Back to the list

Latest Posts

Cyber Security Week in Review: December 6, 2024

Cyber Security Week in Review: December 6, 2024

In brief: Zero-day vulnerabilities in I-O data routers, Russian Turla hijacks C2 infrastructure of Pakistani hackers, and more.
6 December 2024
Russian Turla hijacks C2 infrastructure of Pakistani hackers in espionage campaign

Russian Turla hijacks C2 infrastructure of Pakistani hackers in espionage campaign

The group has infiltrated the C2 infrastructure of the Pakistani-based actor Storm-0156, as part of the “spy-on-spy” tactics.
5 December 2024
Japan’s CERT warns of zero-day vulnerabilities in I-O data routers

Japan’s CERT warns of zero-day vulnerabilities in I-O data routers

If exploited, the flaws allow attackers to alter device settings, execute arbitrary commands, and disable the firewall.
5 December 2024