The telecommunications industry is one of the favorite targets of cybercriminals, perhaps because of the sensitive data it stores. Your carrier knows who you call and what you text. This kind of information is valuable not only to hackers but also to governments. Perhaps that’s why American mobile phone giant T-Mobile was hacked in recent months as part of a broader cyber attack on domestic and international phone and internet companies.
We’re giving away a $500 gift card this holiday season.
Enter by signing up for our free newsletter!
What you need to know
Although there was unauthorized access to a limited number of T-Mobile routers using techniques indicative of large-scale Chinese cyber espionage, T-Mobile’s layered defenses and security monitoring ensured that T-Mobile was able to mitigate the threat. We were able to quickly identify and block it.
The report revealed that hackers linked to Chinese intelligence infiltrated T-Mobile as part of a months-long effort to spy on the cell phone communications of high-value intelligence targets. The report did not specify when the attack occurred, but T-Mobile said no customer calls or communication records were stolen.
The U.S. government also acknowledged this month that Chinese hackers broke into multiple U.S. telecommunications service providers to gain access to wiretapping systems used by law enforcement to monitor Americans. Wiretapping systems allow law enforcement to monitor phone calls, text messages, and Internet communications as part of an investigation, usually with a warrant.
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI released a joint statement disclosing “extensive and significant” cyber espionage operations. The statement said Chinese hackers had infiltrated the networks of “multiple telecommunications companies” across the United States. CISA and the FBI have not named the affected organizations, but reports suggest T-Mobile, AT&T, Lumen (formerly CenturyLink), and Verizon are likely on the list. There is.
The Journal reported in October that Chinese hackers had access to the network “for more than several months” and were able to collect “Internet traffic from Internet service providers serving large and small businesses and millions of Americans.”
Here’s what ruthless hackers stole from 110 million AT&T customers
T-Mobile’s many data breaches
T-Mobile has faced several hacks in recent years. In 2021, a malicious attacker infiltrated T-Mobile’s lab environment by feigning a legitimate connection to an unidentified device. Hackers guessed passwords on multiple servers and moved laterally within the network, ultimately stealing personal data such as names, addresses, social security numbers, and driver’s license IDs from tens of millions of customers. Ta.
In 2022, T-Mobile announced another attack in which malicious attackers used SIM swapping, phishing, and other tactics to compromise internal platforms that manage mobile resellers that serve T-Mobile customers. I experienced a breach.
The problem continued until 2023. Earlier in the year, hackers used phishing credentials from dozens of T-Mobile retail employees originally set up to remotely view customer data during the COVID-19 pandemic. You have accessed the sales application. Then, in January 2023, a misconfiguration in the application programming interface exposed the personal data of 37 million current customers, creating an even more serious security flaw.
Beware of encrypted PDFs as the latest method to deliver malware
T-Mobile’s response
When CyberGuy reached out to T-Mobile regarding the latest security incident, a spokesperson issued the following statement: “T-Mobile is closely monitoring attacks across this industry. Due to our security controls, network structure, and close monitoring and response, we have determined to date that there has been no material impact to T-Mobile’s systems or data. There is no evidence of access or exfiltration of sensitive customer or other information as other companies have experienced. We will continue to closely monitor this in collaboration with our industry peers and relevant authorities. ”
What to do if your bank account is hacked
5 ways to stay safe amid rising communications data breaches
1) Change your passwords regularly: Get in the habit of updating your passwords, especially for communication accounts and related services, every few months. Use a strong, unique password that includes a combination of letters, numbers, and symbols. A password manager can help you generate and store these securely.
2) Invest in a personal data deletion service: Consider a service that removes personal information from public databases. This makes it less likely that your data will be used for phishing or other cyber-attacks after a breach. Check out the data deletion services I recommend here.
3) Use an identity theft protection service: An identity theft protection service can monitor your account for unusual activity, alert you to potential threats, and help you resolve the issue if your data is compromised. You can also. Check out our tips and recommendations on how to protect yourself from identity theft.
4) Enable Two-Factor Authentication (2FA): Use 2FA to add an extra layer of security to your communication accounts. This requires a second form of authentication, such as a text code or app-based prompt, making it difficult for hackers to access your account even if they know your password.
5) Protect against phishing scams with strong antivirus software: Be wary of unsolicited phone calls, texts, and emails seeking access to your personal information or accounts. Legitimate companies will never ask for sensitive information in this way. If something seems amiss, please contact your communications provider directly through their official channels. Do not click on any links under any circumstances as they may lead to fraud or malware.
The best way to protect yourself from malicious links that can install malware and access your personal information is to install strong antivirus software on all your devices. This protection also warns you about phishing emails and ransomware scams, keeping your personal information and digital assets safe. Check out my picks for the best antivirus protection products of 2024 for your Windows, Mac, Android, and iOS devices.
Cart important points
Telecommunications providers like T-Mobile and AT&T are often targeted by hackers. Over the past two years, millions of Americans have had their data stolen, including call records, text messages, and even personal information. As the problem worsened, the FCC intervened and warned T-Mobile to step up its cybersecurity efforts. The company was fined approximately $30 million, including a $15 million fine and a $15 million mandatory investment in security improvements. Unfortunately, there’s only so much you can do if your data continues to be compromised.
Do you think the fines and penalties against carriers are enough of a deterrent, or should you face harsher penalties? Email us at Cyberguy.com/Contact.
CLICK HERE TO GET THE FOX NEWS APP
For more of my tech tips and security alerts, visit Cyberguy.com/Newsletter and subscribe to my free CyberGuy Report newsletter.
Ask Kurt a question or let us know your story you’d like us to cover.
Follow Kurt on his social channels.
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.