A hacktivist group believed to be associated with Anonymous has posted the personal information of about 80 T-Mobile employees after apparently exploiting several website vulnerabilities.
The group, calling itself TeaMp0isoN, posted the names, email addresses, phone numbers and passwords of the employees following a T-Mobile attack that took place last week. In the post on the Pastebin website, the hacktivist group said the passwords appear to have been manually given to staff by an administrator who uses the same set of passwords.
The group claimed to have exploited SQL injection vulnerabilities to obtain the information. In a report on the T-Mobile attack on the Softpedia website, the group said it attacked the company's server because T-Mobile is known for supporting the "Big Brother Patriot Act" law.
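The article names SQL injection as the claimed entry point and reports that the passwords came out in usable form. As an added illustration that is not from the article, from T-Mobile or from the attackers, the Python below builds a constructed in-memory database for a made-up newsroom site, shows how a UNION-based injection through an article lookup pulls the staff table out alongside article rows, and places the parameterised lookup beside the vulnerable one. The table layout, the sample rows, the payload and the password-hashing helpers are assumptions for the example; the article does not say how the site stored passwords, only that they were posted, so the plaintext `password` column is an assumed worst case and the PBKDF2 helpers show what a dump would yield instead.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample data standing in for a third-party newsroom site's
# database. Names, addresses, phone numbers and passwords are invented.
SAMPLE_ARTICLES = [(1, "Press release one"), (2, "Press release two")]
SAMPLE_STAFF = [
    ("Alice Example", "alice@example.com", "555-0100", "Summer2011!"),
    ("Bob Example", "bob@example.com", "555-0101", "Summer2011!"),
]

# A typical UNION-based payload (assumed for the example): the article lookup
# returns two columns, so the attacker appends a SELECT with two columns built
# from the staff table. Everything after the first "1" is attacker-controlled.
PAYLOAD = ("1 UNION SELECT name, email || ':' || phone || ':' || password "
           "FROM staff")

PBKDF2_ROUNDS = 200_000


def build_db():
    """Create an in-memory database with an articles table and a staff table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER, title TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?)", SAMPLE_ARTICLES)
    conn.execute(
        "CREATE TABLE staff (name TEXT, email TEXT, phone TEXT, password TEXT)")
    conn.executemany("INSERT INTO staff VALUES (?, ?, ?, ?)", SAMPLE_STAFF)
    return conn


def get_article_vulnerable(conn, article_id):
    """Vulnerable lookup: the request parameter is pasted into the SQL text."""
    sql = "SELECT id, title FROM articles WHERE id = " + article_id
    return conn.execute(sql).fetchall()


def get_article_safe(conn, article_id):
    """Hardened lookup: validate the shape, then bind the value as a parameter.

    Binding alone already stops the injection (the whole string would be
    compared against the integer id and match nothing); the type check on
    top rejects anything that is not an article number before it reaches SQL.
    """
    if not article_id.isdigit():
        return []
    sql = "SELECT id, title FROM articles WHERE id = ?"
    return conn.execute(sql, (int(article_id),)).fetchall()


def hash_password(password, salt=None):
    """PBKDF2-HMAC-SHA256 with a random per-user salt, stored as salt$digest.

    Storing this instead of the plaintext means a table dump yields values an
    attacker still has to crack rather than passwords that work immediately.
    """
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + digest.hex()


def verify_password(stored, candidate):
    """Recompute the digest under the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(digest.hex(), digest_hex)


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", get_article_vulnerable(db, PAYLOAD))
    print("safe:      ", get_article_safe(db, PAYLOAD))
    print("stored:    ", hash_password("Summer2011!"))
```

Run as a script, the vulnerable lookup returns the article row followed by one row per staff member carrying email, phone and password, while the safe lookup returns nothing for the same input. Note that the shared password in the sample data is deliberate: it mirrors the group's claim about an administrator handing out one set of passwords, and it means a single cracked hash would still unlock several accounts, so hashing is a mitigation for the storage problem but not for the reuse problem.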
Contacted by phone, William Boni, vice president of information security and corporate information security officer, referred all questions to T-Mobile’s corporate press office. T-Mobile’s parent company Deutsche Telekom said the attack impacted its media team. Customers were not affected, a company spokesperson said.
The breach affected T-Mobile's newsroom, which is hosted by an external third party. No other online T-Mobile properties were affected.
"We've identified the root cause of the issue and security protocols have been updated," a spokesperson told SearchSecurity.com. "This issue did not impact T-Mobile customers."
T-Mobile has had to deal with data leakage in the past. In 2009, the U.K. arm of the telecommunications giant dealt with an insider attack in which two employees stole what may have been millions of T-Mobile U.K. customer records, including contract renewal information such as contract expiration dates, and sold the data to competitors; T-Mobile itself described the buyers only as "third parties." The two employees were fined for their role in the breach under the U.K.’s data protection rules.
Getting Ahead of Advanced Threats
T-Mobile's Boni, a member of the Security for Business Innovation Council, was on a panel last week discussing the problem of threat intelligence sharing between organizations and understanding the nature and breadth of threats to an organization. The discussion was held at the headquarters of RSA, the Security Division of EMC Corp., in conjunction with the release of the council’s new report, “Getting Ahead of Advanced Threats.”
Boni, who has been in charge of corporate security at T-Mobile for the last two years, helped author the report. He said understanding the security culture within an organization and getting IT staff to think more about security and intelligence gathering is an often painstaking process. Most IT personnel think of themselves as being in a service-level maintenance role within the organization, he said.
“That’s in their DNA,” Boni said of most IT professionals. “Our challenge is to make the organization more resilient and that means changing the mindset of the average IT person.”
In the report, the council, which is sponsored by RSA, lays out a six-step roadmap for turning an organization into an intelligence-gathering team. It starts with basic security steps, including conducting comprehensive risk assessments, getting executive management on board, and building external and internal sources to better understand the organization’s adversaries.